Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Pedro (14-11-2019 22:21:43)
Running from C:\Users\Pedro\Desktop
Windows 10 Home Version 1809 17763.864 (X64) (2018-12-28 07:46:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-622939137-141225199-2558093129-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-622939137-141225199-2558093129-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-622939137-141225199-2558093129-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-622939137-141225199-2558093129-501 - Limited - Disabled)
Pedro (S-1-5-21-622939137-141225199-2558093129-1001 - Administrator - Enabled) => C:\Users\Pedro
WDAGUtilityAccount (S-1-5-21-622939137-141225199-2558093129-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\uTorrent) (Version: 3.5.5.45231 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{E35BC1CF-235D-4995-A816-59D3615C3B9A}) (Version: 2.5.3850 - Famatech)
Backup and Sync from Google (HKLM\...\{04F8741C-2F6C-4324-BBAB-0CEB1E59FE67}) (Version: 3.46.7395.1225 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Foxit PhantomPDF (HKLM-x32\...\{1668067E-BD47-11E7-B267-000C296BF29B}) (Version: 9.0.0.29935 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HP Photosmart 5510 series Basic Device Software (HKLM\...\{CFF43B48-42A1-4967-9506-7E341BBD075F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Chrome Remote Desktop Host (HKLM-x32\...\{738276A2-92E7-4313-9E4D-D090F7DA98EC}) (Version: 79.0.3945.10 - Google Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
IrfanView 4.51 (64-bit) (HKLM\...\IrfanView64) (Version: 4.51 - Irfan Skiljan)
iSpy (64 bit) (HKLM\...\{BB26C3B0-86F2-4C85-92E0-D998C122BD07}) (Version: 7.2.0.0 - DeveloperInABox)
iSpy package installer (64 bit) (HKLM-x32\...\{570e7cf8-e943-4538-9873-b3bee2c47f11}) (Version: 7.2.0.0 - DeveloperInABox)
iVMS-4200(v2.4.1.3) (HKLM-x32\...\{7697245D-2E00-4B83-AD27-C051DE314D1F}) (Version: 2.4.1.3 - hikvision)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Yoga Mode Control (HKLM\...\{3F2E25D6-49D3-45D5-A7BD-13F5D6F64171}_is1) (Version: 2.0.0.9 - Lenovo)
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version:  - )
Logitech Options (HKLM\...\LogiOptions) (Version: 8.0.863 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Luxriot x64 Monitor (HKLM\...\{29ECCDB0-2FDF-4441-A8D1-070666430AF8}) (Version: 1.13.0.7258 - A&H Software House Inc) Hidden
Luxriot x64 Monitor (HKLM-x32\...\{a767123e-2682-4296-b9b5-a2f8e203e66c}) (Version: 1.13.0.7258 - A&H Software House Inc)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 68.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 68.0.2 (x64 sk)) (Version: 68.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nero 8 (HKLM-x32\...\{5FCCD531-1B38-4A94-924C-127F722F1051}) (Version: 8.2.89 - Nero AG)
Nmap 7.70 (HKLM-x32\...\Nmap) (Version: 7.70 - Nmap Project)
NoteBook FanControl (HKLM-x32\...\{571aa591-06c8-4dc3-938e-06d205a87ce4}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare)
NoteBook FanControl (HKLM-x32\...\{798653AE-0FC0-4380-AAAF-EF52B1407B79}) (Version: 1.6.1.0 - Stefan Hirschmann - StagWare) Hidden
Npcap 0.99-r2 (HKLM-x32\...\NpcapInst) (Version: 0.99-r2 - Nmap Project)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Radmin Viewer 3.5.2 (HKLM-x32\...\{9F9073EA-5DCE-4B23-8A0C-C7D2C89AEADC}) (Version: 3.52.1.0000 - Famatech)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7530 - Realtek Semiconductor Corp.)
Redist (HKLM\...\{DD3079E6-48D8-4F2F-AE3F-B89003738390}) (Version: 2.0 - Redist) Hidden
SADPTool (HKLM-x32\...\{7D9B79C2-B1B2-433B-844F-F4299B86F26E}) (Version: 3.0.0.16 - hikvision)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
SolarWinds IP Address Tracker (HKLM-x32\...\{41505E91-CB79-475C-9FC4-8C6A9B613A18}) (Version: 1 - SolarWinds) Hidden
SolarWinds IP Address Tracker (HKLM-x32\...\InstallShield_{41505E91-CB79-475C-9FC4-8C6A9B613A18}) (Version: 1 - SolarWinds)
Spotify (HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\Spotify) (Version: 1.1.19.480.g7d17e3ce - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.6.1 - Unified Intents AB)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{90150000-012B-041B-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4475564) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CD0EE05F-11E6-46FA-BB7B-D2A28C47A4F3}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Web Components (HKLM-x32\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version:  - )
webcamXP 5 Free (HKLM-x32\...\wLite) (Version: 5.9.8.7 - Moonware Studios)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8  - Winamp SA)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version:  - )
WinRAR archivátor (HKLM-x32\...\WinRAR archiver) (Version:  - )
ZWCAD Architecture 2019 English (HKLM\...\{FEC04AC9-A003-1033-A001-BAB53898898A}) (Version: 19.2.2019.0222 - ZWSOFT)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.2.6.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-01] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-15] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-17] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-08] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.105.0_x64__8wekyb3d8bbwe [2019-11-12] (Microsoft Studios)
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Musixmatch Lyrics - Sing along Spotify, iTunes, Windows Media Player -> C:\Program Files\WindowsApps\MUSIXMATCH.LYRICS_3.6.3254.0_x86__7gejyv32yt3te [2019-07-30] (Musixmatch) [Startup Task]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-06] (Microsoft Corporation) [MS Ad]
Sleep♯ -> C:\Program Files\WindowsApps\40865CJS3.SleepSharp_5.0.17.0_neutral__z61s08h0ks9h4 [2019-01-15] (CJS3) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-12-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-10-10] (Google LLC -> Google)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-02-10] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-02-10] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Vzdialená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) =============

2018-12-11 20:33 - 2010-02-10 18:10 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 000114176 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_ctypes.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000173056 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_elementtree.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 001803776 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_hashlib.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000032256 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_multiprocessing.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000046080 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_psutil_windows.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000047616 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_socket.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 002235904 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_ssl.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000026112 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\_yappi.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000080896 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\bz2.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000016384 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\common.time34.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000007680 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\hashobjs_ext.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000301568 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\PIL._imaging.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000169472 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\pyexpat.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 001084416 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\pysqlite2._sqlite.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000548864 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\pythoncom27.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 000137728 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\pywintypes27.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 000010752 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\select.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000020992 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\thumbnails_ext.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000689664 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\unicodedata.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000119808 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\usb_ext.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000128512 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32api.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000438784 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32com.shell.shell.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000011776 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32crypt.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000023040 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32event.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000149504 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32file.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000223232 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32gui.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000048128 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32inet.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000029696 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32pdh.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000027648 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32pipe.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000044032 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32process.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000020480 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32profile.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000136192 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32security.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000026624 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\win32ts.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000034816 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\windows.conditional.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000038400 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\windows.connectivity.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000071680 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\windows.device_monitor.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000109056 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\windows.volumes.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000020480 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\windows.winwrap.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 001325056 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wx._controls_.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 001489408 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wx._core_.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 001007104 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wx._gdi_.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000103424 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wx._html2.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 000916992 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wx._misc_.pyd
2019-11-14 22:09 - 2019-11-14 22:09 - 001039872 _____ () [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wx._windows_.pyd
2019-10-25 08:26 - 2019-10-25 08:26 - 003709952 _____ (NLog) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\NLog\9df82841700cb6e1631ef0f7b8110e06\NLog.ni.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 003042816 _____ (Python Software Foundation) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\python27.dll
2019-10-25 08:10 - 2019-10-25 08:10 - 000016896 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.BiosInfo\5a503ff618306e0a7b2346b61fe889fb\StagWare.BiosInfo.ni.dll
2019-10-25 08:28 - 2019-10-25 08:28 - 000039424 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Fa1fc2d056#\45e6bc865311b602d570bf7223696687\StagWare.FanControl.Service.ni.dll
2019-10-25 08:10 - 2019-10-25 08:10 - 000209408 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Fafc31ac88#\48705c2dc62c35d7944046030ca1532d\StagWare.FanControl.Configurations.ni.dll
2019-10-25 08:26 - 2019-10-25 08:26 - 000147456 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.FanControl\b868aed097af68cfd313f617ec22c490\StagWare.FanControl.ni.dll
2019-10-25 08:28 - 2019-10-25 08:28 - 000039936 _____ (StagWare) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\StagWare.Settings\d9680263853e514c0e5a14b8c7ef7daf\StagWare.Settings.ni.dll
2019-10-25 08:10 - 2019-10-25 08:10 - 000141312 _____ (Tatham Oddie) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.IO.A6c43dedd#\d5941445ada76246e27267e12a91ec14\System.IO.Abstractions.ni.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wxbase30u_net_vc90_x64.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wxbase30u_vc90_x64.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wxmsw30u_adv_vc90_x64.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wxmsw30u_core_vc90_x64.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wxmsw30u_html_vc90_x64.dll
2019-11-14 22:09 - 2019-11-14 22:09 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Pedro\AppData\Local\Temp\_MEI68962\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: ZWCAD.SCR.2019 =>  <==== ATTENTION

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-01-21 21:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\NoteBook FanControl\
HKU\S-1-5-21-622939137-141225199-2558093129-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-622939137-141225199-2558093129-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0B9605DE-7787-4987-B411-2F1876C02B42}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2DDE39A1-850E-4706-98AF-E52635C3EDD5}] => (Allow) C:\Users\Pedro\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C4C0FA74-A80E-472E-8E9C-333FD52D29E0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D902211D-9354-4BFE-A06C-26A896976BF0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{DEE7462F-B1CE-4F95-B29C-E1A10CCAA945}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{E7E5FC45-0E57-41F4-B6E0-16FA99B27206}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe (HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{46CA0B6B-A7A8-4B4F-94BA-98259D07327E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{497F3415-CA52-44AA-A2AC-1268AFD39677}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{4B72AB8F-20C9-483F-A209-F1D1AF828E67}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [TCP Query User{D7AFD402-0D73-4241-9E4B-96FC807FFC1E}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{5510C1C7-49E0-4511-AC9C-DDBE9FBAA4D2}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{6480C428-4763-49F2-A368-21E9408CC995}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [TCP Query User{413C9282-9322-4C31-8652-FD0A3DD27DD3}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{EBC8962A-0A0A-4126-B9CC-2710A822A2F5}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AAD5C933-D3A9-423E-92A8-5266D5522771}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DA41A567-E6A4-491E-8D10-D57F70C954FD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{831F3986-BE21-4662-BECF-0ADD81D41FEC}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{502AFB93-29B6-46EC-8671-03896532D7B9}C:\users\pedro\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\pedro\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{05685123-85C0-4777-A781-AC290F2A5320}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{1335954A-2D6B-4884-A43C-0377DDC054D8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{8EF246D1-3799-4709-950E-1DF2D3CAF93C}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{AADAE51F-18E5-453D-A09B-2C4EE64F9576}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F0F8BE16-C3EF-4AAE-8DA8-28FD3D7E6389}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{4D0E8782-5881-4075-B1ED-93A70CA88E7F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [UDP Query User{9FC35E53-68A8-4CC9-AC0B-CA9B20B5FB2F}C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe] => (Allow) C:\program files\ivms-4200 station\ivms-4200\ivms-4200 client\ivms-4200.exe (HIKVISION DIGITAL TECHNOLOGY CO.,LTD. -> )
FirewallRules: [{8900065F-4283-45C6-BCBC-1E1B1CA8A6EA}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille ->  Moonware Studios)
FirewallRules: [{38EFD0AC-20FA-45CC-B62B-85D929E5BE26}] => (Allow) C:\Program Files (x86)\webcamXP5\webcamXP.exe (Steve Niquille ->  Moonware Studios)
FirewallRules: [TCP Query User{C9F451DB-61AC-4584-AABE-6900B1E335F2}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{4DC980C1-47DE-4471-B55D-16A7D875384B}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [TCP Query User{15A8A5D2-2E88-4734-870E-71B45AFDB0B6}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [UDP Query User{088B0891-220F-42E3-BDCB-769B741751A7}C:\program files\ispy\ispy.exe] => (Allow) C:\program files\ispy\ispy.exe (www.ispyconnect.com) [File not signed]
FirewallRules: [{128E9C15-B163-4166-AB28-7875392968F2}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{8802F1B5-9230-4204-BB8E-5FDD3CC7E596}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{7011C526-73D6-460F-93BC-B243AD739433}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\CrashReportManagement.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{C9AE25C9-DF58-46D1-AA12-F5390C75D8CB}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{223EAB1D-6709-48BB-A0F3-9878FEC4E85F}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{BC1CDC1D-D083-41F0-BADE-84B08DA0C2BE}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{254EAF6F-36BB-43B2-9BD2-D295DA4FD958}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZWCAD.exe (ZWCAD Software Co.,LTD -> ) [File not signed]
FirewallRules: [{7EF1B134-D537-4D0C-AAA2-41AE1B6F2D0B}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwAuthHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{1DC0C273-D0FD-46DD-BEDA-939DBE51A266}] => (Allow) C:\Program Files\ZWSOFT\ZWCAD Architecture 2019 ENU\ZwUpdHost.exe (ZWCAD Software Co.,LTD -> )
FirewallRules: [{15F9B17D-11FC-4B38-82A2-8C739B3416B7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D8113741-2411-4370-9F85-00239E1E3FC1}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\79.0.3945.10\remoting_host.exe (Google LLC -> Spoločnosť Google Inc.)

==================== Restore Points =========================

29-10-2019 22:09:20 Nainštalované Microsoft Visual C++ 2005 Redistributable (x64)
08-11-2019 13:49:31 Scheduled Checkpoint
12-11-2019 22:01:15 Windows Update
12-11-2019 23:02:38 JRT Pre-Junkware Removal
14-11-2019 21:54:35 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices ============

Name: Npcap Loopback Adapter
Description: Microsoft KM-TEST Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kmloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/14/2019 08:47:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: adwcleaner_7.4.1.exe, verzia: 7.4.1.0, časová značka: 0x5d715fba
Názov chybujúceho modulu: adwcleaner_7.4.1.exe, verzia: 7.4.1.0, časová značka: 0x5d715fba
Kód výnimky: 0xc0000005
Odstup chyby: 0x004214fb
Identifikácia chybujúceho procesu: 0x2a54
Čas spustenia chybujúcej aplikácie: 0x01d59b24326b8787
Cesta chybujúcej aplikácie: C:\Users\Pedro\Desktop\adwcleaner_7.4.1.exe
Cesta chybujúceho modulu: C:\Users\Pedro\Desktop\adwcleaner_7.4.1.exe
Identifikácia hlásenia: a15299c8-de77-439e-8341-c2f712bb2dd8
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/14/2019 03:05:29 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 1688, ProfSvc PID: 1852.

Error: (11/14/2019 02:59:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17763.1, časová značka: 0xb900eeff
Názov chybujúceho modulu: wpnuserservice.dll, verzia: 10.0.17763.1, časová značka: 0xcb4f608f
Kód výnimky: 0xc0000409
Odstup chyby: 0x0000000000008a6d
Identifikácia chybujúceho procesu: 0xbc4
Čas spustenia chybujúcej aplikácie: 0x01d599a40cb0afd4
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: c:\windows\system32\wpnuserservice.dll
Identifikácia hlásenia: 2488937f-09e0-4a96-bbaa-84ca5cd0dfa2
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/12/2019 11:45:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SkypeApp.exe, verzia: 8.54.0.85, časová značka: 0x5dbb403e
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.17763.802, časová značka: 0x322dae8f
Kód výnimky: 0xc000027b
Odstup chyby: 0x0000000000701a52
Identifikácia chybujúceho procesu: 0x1e74
Čas spustenia chybujúcej aplikácie: 0x01d599a41c28f9db
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.85.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta chybujúceho modulu: C:\Windows\System32\Windows.UI.Xaml.dll
Identifikácia hlásenia: 4fb0503f-6c3c-417a-91f3-7ab679650233
Celé meno chybujúceho balíka: Microsoft.SkypeApp_14.54.85.0_x64__kzf8qxf38zg5c
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/12/2019 10:28:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SkypeApp.exe, verzia: 8.54.0.85, časová značka: 0x5dbb403e
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.17763.802, časová značka: 0x322dae8f
Kód výnimky: 0xc000027b
Odstup chyby: 0x0000000000701a52
Identifikácia chybujúceho procesu: 0x3368
Čas spustenia chybujúcej aplikácie: 0x01d594d7cc69ebfa
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.85.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta chybujúceho modulu: C:\Windows\System32\Windows.UI.Xaml.dll
Identifikácia hlásenia: a811b43d-3d6e-41d4-9958-d061288b69f4
Celé meno chybujúceho balíka: Microsoft.SkypeApp_14.54.85.0_x64__kzf8qxf38zg5c
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/12/2019 10:17:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: wuauclt.exe, verzia: 10.0.17763.1, časová značka: 0xedc68a66
Názov chybujúceho modulu: combase.dll, verzia: 10.0.17763.737, časová značka: 0xc366780e
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000004aaa4
Identifikácia chybujúceho procesu: 0x38c
Čas spustenia chybujúcej aplikácie: 0x01d5999c8dc4ae82
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\wuauclt.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\combase.dll
Identifikácia hlásenia: 82843553-cef5-431f-9420-892398ea9690
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/12/2019 09:51:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: adwcleaner_7.4.1.exe, verzia: 7.4.1.0, časová značka: 0x5d715fba
Názov chybujúceho modulu: adwcleaner_7.4.1.exe, verzia: 7.4.1.0, časová značka: 0x5d715fba
Kód výnimky: 0xc0000005
Odstup chyby: 0x004214fb
Identifikácia chybujúceho procesu: 0x26e8
Čas spustenia chybujúcej aplikácie: 0x01d5999ae38da360
Cesta chybujúcej aplikácie: C:\Users\Pedro\Desktop\adwcleaner_7.4.1.exe
Cesta chybujúceho modulu: C:\Users\Pedro\Desktop\adwcleaner_7.4.1.exe
Identifikácia hlásenia: e2e93615-abb8-4de8-a799-e895167a4755
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/12/2019 09:44:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: adwcleaner_7.4.1.exe, verzia: 7.4.1.0, časová značka: 0x5d715fba
Názov chybujúceho modulu: adwcleaner_7.4.1.exe, verzia: 7.4.1.0, časová značka: 0x5d715fba
Kód výnimky: 0xc0000005
Odstup chyby: 0x004214fb
Identifikácia chybujúceho procesu: 0x2ab0
Čas spustenia chybujúcej aplikácie: 0x01d59999f1a57bf3
Cesta chybujúcej aplikácie: C:\Users\Pedro\Desktop\adwcleaner_7.4.1.exe
Cesta chybujúceho modulu: C:\Users\Pedro\Desktop\adwcleaner_7.4.1.exe
Identifikácia hlásenia: 6852838f-82b3-4a87-8786-c0fc0c9e2c6d
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (11/14/2019 10:10:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NVJD1LG)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-NVJD1LG\Pedro SID (S-1-5-21-622939137-141225199-2558093129-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/14/2019 09:50:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.SecurityAppBroker
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/14/2019 09:50:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/14/2019 09:50:16 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/14/2019 09:47:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/14/2019 09:47:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/14/2019 09:43:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NoteBook FanControl Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (11/14/2019 09:43:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ymc sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2019-11-14 01:18:22.644
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {030D42CF-A157-4384-8655-D675C5328EF5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-14 00:03:20.746
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A23D3E7B-934A-47C2-9E46-32EADB907BD9}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-13 23:58:09.909
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F4E835B3-98E6-44EA-8ADF-040966F9AB03}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-13 23:50:33.457
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4E83C470-701F-4D8E-B747-C67DB47BC767}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-12 22:06:26.671
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F02563D7-0C01-4C42-9770-E3065841CAE4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2019-11-14 21:45:17.053
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-14 20:40:09.537
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-14 03:02:53.927
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-12 22:48:49.373
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-04 19:41:39.713
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-03 10:41:31.914
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-02 10:11:58.144
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-11-01 10:39:25.656
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\uvhid.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: LENOVO 96CN27WW(V1.13) 09/09/2014
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz
Percentage of memory in use: 58%
Total physical RAM: 4016.96 MB
Available physical RAM: 1655.43 MB
Total Virtual: 8112.96 MB
Available Virtual: 5302.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:174.44 GB) (Free:26.21 GB) NTFS
Drive d: () (Fixed) (Total:289.98 GB) (Free:21.34 GB) NTFS

\\?\Volume{c42e0060-dd36-4a0a-b90a-e93a14540c60}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{3033b16a-2a35-45a7-b950-de364193d5ce}\ () (Fixed) (Total:0.78 GB) (Free:0.32 GB) NTFS
\\?\Volume{b9545704-433d-4fc6-af0d-de40f2ded245}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2B66F383)

Partition: GPT.

==================== End of Addition.txt =======================