
Requesting a check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

#1 Post by superjano »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Vlado (administrator) on LAPTOP-RSV8O8AU (03-11-2018 11:56:27)
Running from C:\Users\Vlado\Desktop
Loaded Profiles: Vlado & (Available Profiles: Vlado)
Platform: Windows 10 Home Version 1809 17763.55 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
Failed to access process -> backgroundTaskHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lenovo Group Limited) C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.52_none_96d83ec8e9f322fc\TiWorker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\Time.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [454072 2015-06-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{48fce1a9-e4b0-402e-8a6d-8e18fa3ad758}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{d53ff755-1670-4c93-bd8b-633392b9539b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-24] (Oracle Corporation)

Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default [2018-11-03]
CHR Extension: (Prezentácie) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-25]
CHR Extension: (Dokumenty) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-25]
CHR Extension: (Disk Google) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (YouTube) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
CHR Extension: (Adblock Plus) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31]
CHR Extension: (Tabuľky) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-06-28]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-28]
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [414696 2018-01-08] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-10] ()
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-12] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 Origin Client Service; F:\origin\OriginClientService.exe [2216256 2018-09-13] (Electronic Arts)
S2 Origin Web Helper Service; F:\origin\OriginWebHelperService.exe [3087176 2018-09-13] (Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324552 2018-03-29] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] ()
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-08] (Qualcomm)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-09] (CyberLink)
R3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-29] (Malwarebytes)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [29256 2017-10-22] (ELAN Microelectronics Corp.)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-11-27] (Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-10-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-10-29] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-10-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-10-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-03] (Malwarebytes)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b0804a8322213783\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-23] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-17] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159200 2017-10-17] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-17] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek )
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snUVCg2.sys [1710128 2017-11-05] (Sonix Tech. Co., Ltd.)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 11:56 - 2018-11-03 11:56 - 000028869 _____ C:\Users\Vlado\Desktop\FRST.txt
2018-11-03 11:56 - 2018-11-03 11:56 - 000000000 ____D C:\FRST
2018-11-03 11:55 - 2018-11-03 11:55 - 002414592 _____ (Farbar) C:\Users\Vlado\Desktop\FRST64.exe
2018-11-03 11:52 - 2018-11-03 11:52 - 000000000 ___HD C:\OneDriveTemp
2018-11-02 18:30 - 2018-11-02 18:30 - 062774584 _____ (Skype Technologies S.A.) C:\Users\Vlado\Downloads\Skype-8.33.0.50.exe
2018-11-02 18:30 - 2018-11-02 18:30 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-02 18:30 - 2018-11-02 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-30 18:14 - 2018-10-30 18:15 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Game
2018-10-30 18:14 - 2018-10-30 18:14 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-10-30 18:11 - 2018-10-30 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy
2018-10-30 12:28 - 2018-10-30 12:28 - 000241060 _____ C:\Users\Vlado\Downloads\absolutne-poradie-hhbd-2018.pdf
2018-10-29 18:00 - 2018-11-03 11:53 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-10-29 18:00 - 2018-10-29 18:00 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-29 18:00 - 2018-10-29 18:00 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-10-29 18:00 - 2018-10-29 18:00 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-10-29 17:42 - 2018-10-29 17:42 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000002032 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000000000 ____D C:\Program Files\Zoner
2018-10-29 17:12 - 2018-10-29 17:27 - 167571348 _____ C:\Users\Vlado\Downloads\Zoner Photo Studio X 19.1809.2.83.rar
2018-10-29 17:09 - 2018-10-29 17:09 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-26 16:55 - 2018-10-26 16:56 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:56 - 000002288 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2018-10-26 16:55 - 2018-01-30 14:19 - 000207248 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2018-10-26 16:55 - 2017-11-08 23:43 - 000191448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000281056 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000125920 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000336352 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000135648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000123360 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000118240 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000091616 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000211936 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000126432 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000121312 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000108000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000159200 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000129504 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2018-10-26 16:55 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2018-10-25 20:11 - 2018-10-29 17:59 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-25 20:10 - 2018-10-26 16:53 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-23 17:12 - 2018-10-29 17:08 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-23 17:12 - 2018-10-23 17:12 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbamtray
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbam
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-23 17:11 - 2018-10-23 17:11 - 080022264 _____ (Malwarebytes ) C:\Users\Vlado\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-10-21 14:10 - 2018-10-21 14:10 - 000000000 ____D C:\Users\Vlado\AppData\Local\PAYDAY
2018-10-21 11:50 - 2018-10-23 17:33 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Twitch
2018-10-21 11:50 - 2018-10-21 11:50 - 000000979 _____ C:\Users\Vlado\Desktop\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000965 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000000 ____D C:\ProgramData\Twitch
2018-10-21 11:49 - 2018-10-21 11:49 - 087447456 _____ C:\Users\Vlado\Downloads\TwitchSetup_[usher-268306925].exe
2018-10-18 15:29 - 2018-10-18 15:29 - 000000000 ____D C:\WINDOWS\Panther
2018-10-18 14:56 - 2018-10-18 14:56 - 000654652 _____ C:\Users\Vlado\Downloads\Cennk_W177_2018_07_27_akt.pdf
2018-10-12 18:29 - 2018-10-12 18:29 - 000000000 _____ C:\Users\Public\Shared Files
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\EasyAntiCheat
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Local\FortniteGame
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngineLauncher
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\EpicGamesLauncher
2018-10-12 17:59 - 2018-10-12 18:00 - 000000000 ____D C:\ProgramData\Epic
2018-10-12 17:59 - 2018-10-12 17:59 - 033542144 _____ C:\Users\Vlado\Downloads\EpicInstaller-7.16.0-fortnite-d0fd3d3521c2463284ba9773051cf181.msi
2018-10-09 18:13 - 2018-10-09 18:13 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009696768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 004588032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 001050640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 000918496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-08 17:18 - 2018-10-08 17:18 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-10-07 15:52 - 2018-10-07 15:52 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-10-07 15:49 - 2018-10-03 04:31 - 035296480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 029972128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 015907904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 013202672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 001167560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:32 - 001998200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001507944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001455176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001122376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000631368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000521904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 019704344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 016983304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 004249912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 002018352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 001468360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 040253672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 035151592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004310984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-06 14:28 - 2018-10-06 14:28 - 002146496 _____ (Panda Security, S.L.) C:\Users\Vlado\Downloads\PANDAFREEAV.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-03 11:54 - 2018-06-09 19:06 - 000000000 ____D C:\Users\Vlado\AppData\Local\CrashDumps
2018-11-03 11:54 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-03 11:53 - 2018-07-11 19:05 - 000000000 ____D C:\Users\Vlado\Documents\YouCam
2018-11-03 11:52 - 2018-05-25 07:10 - 000000000 ___RD C:\Users\Vlado\OneDrive
2018-11-03 11:52 - 2018-05-25 07:08 - 000000000 __SHD C:\Users\Vlado\IntelGraphicsProfiles
2018-11-02 21:33 - 2018-10-03 16:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-02 18:37 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-02 18:30 - 2018-05-24 18:46 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Skype
2018-11-02 17:26 - 2018-05-25 16:14 - 000000000 ____D C:\Users\Vlado\AppData\LocalLow\Mozilla
2018-10-31 15:37 - 2018-05-25 07:28 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-31 15:37 - 2018-05-25 07:28 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-30 20:41 - 2018-07-21 10:22 - 000000000 ____D C:\ProgramData\ProductData
2018-10-30 18:19 - 2018-05-25 13:32 - 000000000 ____D C:\Users\Vlado\Desktop\hry
2018-10-29 18:06 - 2018-10-03 16:38 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-29 18:06 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-10-29 17:59 - 2018-10-03 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-29 17:59 - 2018-10-03 16:07 - 000595704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-29 17:59 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Zoner
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Local\Zoner
2018-10-29 17:07 - 2018-06-08 18:41 - 000000000 ____D C:\Users\Vlado\Documents\FLiNGTrainer
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Panda Security
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-10-26 16:55 - 2018-05-25 07:30 - 000000000 ____D C:\ProgramData\Panda Security
2018-10-26 16:53 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-26 16:07 - 2018-09-15 07:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-10-26 14:34 - 2018-07-12 18:26 - 000000000 ____D C:\Users\Vlado\Desktop\praca
2018-10-25 20:09 - 2018-08-22 13:41 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-10-25 19:57 - 2018-05-24 21:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-22 14:33 - 2018-05-25 14:23 - 000000000 ____D C:\Users\Vlado\AppData\Local\PlaceholderTileLogoFolder
2018-10-22 14:33 - 2018-05-25 07:08 - 000000000 ____D C:\Users\Vlado\AppData\Local\Packages
2018-10-21 14:10 - 2018-05-25 10:37 - 000000000 ____D C:\Users\Vlado\AppData\Local\D3DSCache
2018-10-21 13:34 - 2018-05-25 12:02 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-19 14:29 - 2018-06-05 14:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA
2018-10-18 14:50 - 2018-10-03 16:12 - 000004218 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1533206182
2018-10-18 14:50 - 2018-08-02 11:36 - 000001377 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-10-17 16:41 - 2018-10-03 16:12 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-06-07 16:01 - 000001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-16 14:09 - 2018-10-03 16:12 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3757017093-2623875683-488815004-1001
2018-10-16 14:09 - 2018-10-03 16:08 - 000002374 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-16 06:46 - 2018-07-11 06:52 - 000000000 ____D C:\ProgramData\Packages
2018-10-14 12:11 - 2018-08-11 16:33 - 000000000 ____D C:\Users\Vlado\AppData\Local\ElevatedDiagnostics
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 __SHD C:\Users\Public\Libraries
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 ____D C:\PerfLogs
2018-10-12 18:22 - 2018-06-24 13:28 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-10-12 18:00 - 2018-06-24 13:29 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngine
2018-10-12 18:00 - 2017-09-01 09:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-10 21:04 - 2018-05-24 16:50 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 002248232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-10-10 19:22 - 2018-05-24 16:49 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-10-10 17:55 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 16:32 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-10-09 18:15 - 2018-05-24 20:33 - 000000000 ___RD C:\Users\Vlado\3D Objects
2018-10-09 18:15 - 2017-03-23 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-09 18:12 - 2018-05-24 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 18:11 - 2018-05-24 19:21 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-07 15:53 - 2018-06-09 18:52 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Origin
2018-10-07 15:52 - 2018-05-24 18:21 - 000000000 ____D C:\ProgramData\Origin
2018-10-07 15:43 - 2018-05-24 17:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA Corporation
2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
2018-10-06 10:54 - 2018-10-03 16:13 - 000000000 ____D C:\Users\Vlado\AppData\Local\PackageStaging
2018-10-04 14:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat

==================== Files in the root of some directories =======

2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2018-10-27 17:49 - 2018-10-27 17:49 - 000000000 _____ () C:\Users\Vlado\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-10-27 17:49 - 2018-10-27 17:49 - 000000016 _____ () C:\Users\Vlado\AppData\Local\Temp\a3b624dfdcbf7b62b2fec8d382197774.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#2 Post by Conder »

Hi :)

:arrow: I recommend not using, and uninstalling, all programs from IObit (e.g. Driver Booster, Advanced SystemCare, Uninstaller, etc.) - they are Chinese junk that can damage the system.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and other).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#3 Post by superjano »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-03-2018
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\ProgramData\Host App Service
Deleted C:\Users\Vlado\AppData\Local\Host App Service

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2052 octets] - [03/11/2018 17:44:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#4 Post by Conder »

:arrow: Please post both new logs from FRST.

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#5 Post by superjano »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Vlado (03-11-2018 11:57:07)
Running from C:\Users\Vlado\Desktop
Windows 10 Home Version 1809 17763.55 (X64) (2018-10-03 15:12:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3757017093-2623875683-488815004-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3757017093-2623875683-488815004-503 - Limited - Disabled)
Guest (S-1-5-21-3757017093-2623875683-488815004-501 - Limited - Disabled)
vladi (S-1-5-21-3757017093-2623875683-488815004-1002 - Limited - Disabled)
Vlado (S-1-5-21-3757017093-2623875683-488815004-1001 - Administrator - Enabled) => C:\Users\Vlado
WDAGUtilityAccount (S-1-5-21-3757017093-2623875683-488815004-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.9.389 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0609.0 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
IntelliJ IDEA Community Edition 2018.1.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 2018.1.4) (Version: 181.5087.20 - JetBrains s.r.o.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.5.0.7 - IObit)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.1 (64-bit) (HKLM\...\{398EFBE6-18DB-5E47-8E12-481F95602239}) (Version: 10.0.1.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo App Explorer (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
Malwarebytes verzia 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 sk)) (Version: 52.9.1 - Mozilla)
Mp3 Knife 3.6 (HKLM-x32\...\Mp3 Knife_is1) (Version: - )
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Grafický ovládač 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.13.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.06.00.0000 - Panda Security)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.0.277 - Jan Fiala)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.08.14 - )
Skype verzia 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DA171DF3-18B3-446E-BCA6-C08069850FD2}) (Version: 2.36.0.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wampserver64 3.1.3 (HKLM\...\{wampserver64}_is1) (Version: 3.1.3 - Dominique Ottello aka Otomatic)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.83 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3757017093-2623875683-488815004-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B56776-A43B-49AC-AAB1-2C68D566EA9C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ce736b5c-54c5-4461-b265-6b08edca0be3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
Task: {12071C65-54A4-4822-8683-D35EB1B2005B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {22A08B7B-27DE-4875-B1E3-587E89281CB9} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {24147196-F148-4414-BAA3-84F4086678C4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {26936037-4BBC-4AB6-ACFD-20F442529B8D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {2BA4990F-63BC-4098-BC11-7AA3366877BD} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {2BAECA55-3440-4F72-99AF-F9695C22999B} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [2017-02-17] (CyberLink Corp.)
Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
Task: {3992C315-B865-4E7B-A1CC-11D19321249E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {3CFBAD3E-48DD-48C9-B02F-B802A35B6E10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {4210AA6E-C6EB-49FA-AA8F-A826399FB842} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-26] (Oracle Corporation)
Task: {43541FE9-F60F-4B6B-A83B-62A287A0D29A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {45A5D1A0-4C0D-4F51-8948-924A5446C6A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {4D43CE86-7575-4649-A9BA-66648141D3FE} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {54F2C3FE-F04A-410A-95D0-65E1C7898736} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [2016-09-20] (CyberLink Corp.)
Task: {56EED081-2D86-4E41-983C-B91C57B3A2D7} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {59755BA5-9624-4640-BF46-556DC0606B7B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-05-16] (Lenovo Group Limited)
Task: {6558F66E-7601-4DEB-AC5B-5399FAB139E0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {66ED0933-0C60-4302-809A-40FA3BE7AC52} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {6826F647-5ACE-4F26-8727-E3ADB313CA67} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4de57690-e03e-4c85-9f0e-626756f17e12 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {7BBACDAD-FBB5-4829-ABCB-28983B4472B5} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {7D3282C1-94F6-42DC-9345-CF7ABE06F128} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {85E478DC-F5E8-4448-A105-404805B6D7CB} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2016-10-07] (CyberLink)
Task: {9E8582DB-3FE4-4001-85BA-7654A14AC5BF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3757017093-2623875683-488815004-1001 => C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2018-07-12] (Lenovo Group Limited)
Task: {A0E3D73F-0DBC-4EBF-817A-197D899120A1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {A4C36156-0A2A-44AB-9D12-E1EF2520F08B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {AA941A00-FF1A-4E45-83D4-8F64C5484B46} - System32\Tasks\Opera scheduled Autoupdate 1533206182 => C:\Users\Vlado\AppData\Local\Programs\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {AF062956-773D-41A0-B360-9BDBEAA847DD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {B5B6B739-E60E-467D-858F-C6C9F9648391} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\40776c15-62d1-4776-aeea-1e6e691a422f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {B634BED0-642C-44EE-8A2A-3A01D716376C} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-RSV8O8AU-Vlado => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {C8694715-5994-42D0-9641-560A9C08FEC4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b77c764c-de5e-4b20-9c36-242f88e4d10a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {D9D26A02-FA26-4ED9-ADBA-325E815CA401} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {DBB2DE08-B57B-4256-8209-9A7870A1F2D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {E1ECC927-DB3C-43E5-A6E0-8D0557700280} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E4A3CDB7-B2EA-45B8-8413-85BCA79CFFCA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
Task: {EBE6AFFF-819E-422C-93FE-141F8039D43A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F48A93C7-0AC1-477D-9CC9-05B6FF876EF4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-20 07:28 - 2018-04-20 07:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-05-24 16:50 - 2018-10-10 21:04 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-16 06:46 - 2018-10-16 06:46 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-28 09:44 - 2018-09-28 09:44 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 20:03 - 2018-07-31 20:03 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 004210688 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\Time.exe
2018-08-20 19:31 - 2018-08-20 19:31 - 004445248 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 000954368 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\TimeControls.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 000744960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2018-07-21 10:21 - 2017-05-22 10:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-07-21 10:21 - 2017-05-22 10:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-07-21 10:21 - 2017-05-22 10:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-15 18:17 - 2015-12-15 18:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2017-11-08 23:44 - 2017-11-08 23:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-24 16:50 - 2018-10-10 21:04 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2018-08-28 08:03 - 000000039 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140617\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333289\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140657\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333409\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{4A657D30-48DD-49D4-941F-19AA835D963E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{431D9480-F941-43CD-84EE-16C238200098}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{AB251334-F56A-4EC2-B316-3A6B4FE7B4AB}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6A9EFC3C-245C-4B76-9444-B21427EA7489}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6D9B0408-F6D0-46D4-87DA-488CFC62BB1C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{E95A6C60-6B2D-44B8-B31C-3B78CFD6E555}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{1274C712-D20A-47DD-8E08-C1435A17D495}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1A835E84-F589-4E9A-B107-FB4E33EB873F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C65DAB93-79C7-4307-AA4F-8E6C5703FA96}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{00055E0F-2CD2-43C4-8BB3-DE02A528B10F}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [UDP Query User{7D2486D2-0C46-411A-AA00-EF269556A928}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [TCP Query User{19483868-FFF5-417A-86D2-B7A23502BB78}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [{9AAA8A40-20F4-4717-A916-2D50A3571184}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{8F35DBC0-E7AC-42B1-BB3E-5ABD67507232}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{EDF0FCA6-FFED-42A9-871E-8F4E38AAFB28}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [{DE496691-EA16-4EAD-AD06-0EAE5DCC9443}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [UDP Query User{6D1547C7-78DC-482A-BD6C-3A259F437E03}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [TCP Query User{172B2438-F0F2-4EF0-AB48-3F4D404BF57E}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [{C1ADB3BA-9C22-4BE4-9528-0812BF0A3607}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{253D4F21-4642-41AD-8128-72F102DD974A}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF2E295-3385-4A16-A621-F40DDFECC6F6}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{5CCF74F7-E30A-4062-8E72-B5D73E0AA021}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{A37C800D-AC21-408D-B0D2-DE6EDDD4B601}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{45DBD737-5612-4908-87FD-6D59DAEC0851}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{7EC6F359-80FA-4428-8EB7-245A7118D163}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{84D1DAC0-E98E-423C-976E-71151C95AEB0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{0EA1205B-33AF-43DB-9E9C-A16C89D4BE52}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{9A8B6EE1-36B9-4C7D-BCC0-4E9A5D9DC55D}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D911C9BE-6114-403A-BB12-17FA91ABB9C7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{589DF1BB-7CD4-46D8-A782-981AB9DBD926}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{260CFC6C-465C-42F7-AE93-AECB4E33BC96}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BDBABAE1-3855-4977-AD13-3C7993D1C3CB}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CF279844-9533-417C-8951-07598E6C3D46}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{077A0052-4375-42F0-AC4E-1A60A1FE9B23}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{487AD269-CDB0-4B75-8B9A-CD0C036AE209}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [TCP Query User{BEE98D3F-736C-4F81-AE02-D3C5E45C33EB}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [{60533DA9-E436-40F6-930C-302475A55D53}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1692B04D-1880-4AFF-BEC3-117D6EEA02D3}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{BA74158A-0143-43E7-B602-817FC40574F9}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [TCP Query User{E4A01E9E-A6FA-4C3B-B583-F04F08B1716E}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [{6EEFB2B4-7925-4C23-BE30-7731989F4E6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9CEE7E7F-11A0-43F8-B9A8-171CED6D1E1F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{99D4E3B3-31DE-4F3E-9346-3BD8A77AD058}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C02D76C9-91F7-4BF9-A8B4-9EB50ED1A863}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{148CDC88-105A-4D2C-8538-B96A0D03085F}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{30F60D78-12B7-4E49-A0C0-07A353109CCD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{D824CF6B-6CD6-4015-89D8-60C4531F62D8}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe
FirewallRules: [{DD22045F-B7A8-4AA3-AE67-7C1C18F7EC4E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe
FirewallRules: [{2320B517-FFD2-4A31-828B-8600CDAA0C30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{6C718409-E3DB-4FDA-BA3D-00D74BA36709}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{A2CB94DF-CFED-46FB-89D1-6F6BA3F91322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BCA79690-9548-4F58-86D2-FFC281F359D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DB8551C2-5186-4318-84F1-6EF4A997ABD7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [{D23853C9-CE97-4D5F-8855-9A4C88C80106}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [TCP Query User{91F907F7-6BD0-441D-BD21-EC2537B3CE45}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{18753799-EFE7-40A4-B3AA-FF5D7455FF96}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{F5E75EFB-03BA-4C34-B300-8CFB0A3F5C78}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{ABE4A2C4-61F3-4E94-9227-861DDA45AAC3}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{B19B70C1-CC9A-4E9B-A304-7B7FE270E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D3AE4F9-6A5A-46DC-9407-52D51A72488F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D9D4303F-86AB-4E3F-94D5-E298930190B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02A08203-96AB-4371-A717-5CCAEB100E50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4D87973-842F-4F92-81F8-33AAE66EB09D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{6B1093CF-83D0-40D6-8678-6B46AD0CA548}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{DDFF5692-9EFD-4E87-B3DE-2CD8E0CB8B3B}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [UDP Query User{1F72E36A-2D6A-426F-9D18-40403EBDCC01}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [{39EB1E2B-1E5C-4B00-A4DC-F267E3303F52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98E419C8-FC37-49C3-A35E-99297392CDD1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{68854484-676A-45D4-A3D7-9A6EB9F00C65}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

20-10-2018 17:36:15 Scheduled Checkpoint
29-10-2018 19:34:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2018 11:54:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SecHealthUI.exe, verzia: 10.0.17763.1, časová značka: 0x5b9c582d
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.17763.1, časová značka: 0xa69151fc
Kód výnimky: 0xc000027b
Odstup chyby: 0x0000000000707c32
Identifikácia chybujúceho procesu: 0x185bc
Čas spustenia chybujúcej aplikácie: 0x01d473638a0efd01
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta chybujúceho modulu: C:\Windows\System32\Windows.UI.Xaml.dll
Identifikácia hlásenia: 5d53f5f9-3f59-4c20-aeba-1e22dbd254b1
Celé meno chybujúceho balíka: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: SecHealthUI

Error: (11/03/2018 11:52:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x323c
Čas spustenia chybujúcej aplikácie: 0x01d473634e6e73de
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 48ff04f0-280c-4b14-bbc6-9aa1809a8c62
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 09:33:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1d5f8
Čas spustenia chybujúcej aplikácie: 0x01d472eb57755b48
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 219e19f2-248e-444a-9b1e-2e3e287521e0
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 07:33:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1c564
Čas spustenia chybujúcej aplikácie: 0x01d472da96c88d41
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 644bf4e0-423b-46eb-91ed-37a229edbe05
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 06:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SkypeApp.exe, verzia: 8.33.0.41, časová značka: 0x5bca1f01
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1dab8
Čas spustenia chybujúcej aplikácie: 0x01d472d145a3449b
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 09ca3e2b-e3a5-4f98-b62a-4a8f9774bf08
Celé meno chybujúceho balíka: Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 06:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1c7fc
Čas spustenia chybujúcej aplikácie: 0x01d472d0f077d88c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: b1f50a51-568c-4665-a2dd-9d6aa5f9ebd8
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 06:24:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.Photos.exe, verzia: 2018.18081.14710.0, časová značka: 0x5b9d00b1
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x3758
Čas spustenia chybujúcej aplikácie: 0x01d472d0ef582582
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 84d9f515-b5c5-44fa-ac26-7e4bfff3f598
Celé meno chybujúceho balíka: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 05:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0xab0
Čas spustenia chybujúcej aplikácie: 0x01d472c77c320fc2
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 69f892c6-ce18-43ae-b815-a649656d41b4
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App


System errors:
=============
Error: (11/03/2018 11:54:20 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 11:52:32 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 11:52:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 11:52:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 07:34:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 07:33:48 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 06:33:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 06:32:06 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-10-06 15:30:34.243
Description:
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===================================

Date: 2018-10-29 17:59:56.654
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-29 17:59:56.591
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-29 17:59:56.548
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-29 17:59:56.509
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 45%
Total physical RAM: 8066.72 MB
Available physical RAM: 4391.58 MB
Total Virtual: 10498.72 MB
Available Virtual: 5608.71 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:112.6 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.3 GB) NTFS
Drive f: (ADATA SD700) (Fixed) (Total:476.81 GB) (Free:16.48 GB) NTFS

\\?\Volume{676dd2e4-2b86-4b52-b7a7-dc761b15a2ee}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{21294cef-89f6-4a88-8ffc-be5addb5d57b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3D0E3B36)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: C0C1D248)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#6 Post by Conder »

:arrow: The main log, FRST.txt, is still missing.
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#7 Post by superjano »

I'm sending 2 new logs :)

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#8 Post by superjano »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Vlado (administrator) on LAPTOP-RSV8O8AU (04-11-2018 09:22:34)
Running from C:\Users\Vlado\Desktop
Loaded Profiles: Vlado (Available Profiles: Vlado)
Platform: Windows 10 Home Version 1809 17763.55 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Electronic Arts) F:\origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lenovo Group Limited) C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompPkgSrv.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\Common Files\AVG\Overseer\overseer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20186.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [454072 2015-06-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security, S.L.)
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{48fce1a9-e4b0-402e-8a6d-8e18fa3ad758}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{d53ff755-1670-4c93-bd8b-633392b9539b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-24] (Oracle Corporation)

Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default [2018-11-03]
CHR Extension: (Prezentácie) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-25]
CHR Extension: (Dokumenty) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-25]
CHR Extension: (Disk Google) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (YouTube) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
CHR Extension: (Adblock Plus) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31]
CHR Extension: (Tabuľky) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-03]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-03]
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [414696 2018-01-08] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-10] ()
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-12] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 Origin Client Service; F:\origin\OriginClientService.exe [2216256 2018-09-13] (Electronic Arts)
R2 Origin Web Helper Service; F:\origin\OriginWebHelperService.exe [3087176 2018-09-13] (Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324552 2018-03-29] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] ()
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-08] (Qualcomm)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-09] (CyberLink)
R3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-29] (Malwarebytes)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [29256 2017-10-22] (ELAN Microelectronics Corp.)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-11-27] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-10-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-11-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-11-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-03] (Malwarebytes)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b0804a8322213783\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-23] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-17] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159200 2017-10-17] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-17] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek )
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snUVCg2.sys [1710128 2017-11-05] (Sonix Tech. Co., Ltd.)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 17:45 - 2018-11-03 19:25 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-11-03 17:45 - 2018-11-03 17:45 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-11-03 17:45 - 2018-11-03 17:45 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-11-03 17:45 - 2018-11-03 17:45 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-11-03 17:43 - 2018-11-03 17:44 - 000000000 ____D C:\AdwCleaner
2018-11-03 17:43 - 2018-11-03 17:43 - 007592144 _____ (Malwarebytes) C:\Users\Vlado\Downloads\adwcleaner_7.2.4.0.exe
2018-11-03 17:42 - 2018-11-03 17:42 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-11-03 17:42 - 2018-11-03 17:42 - 000000000 ___HD C:\OneDriveTemp
2018-11-03 11:56 - 2018-11-04 09:22 - 000026482 _____ C:\Users\Vlado\Desktop\FRST.txt
2018-11-03 11:56 - 2018-11-04 09:22 - 000000000 ____D C:\FRST
2018-11-03 11:55 - 2018-11-03 11:55 - 002414592 _____ (Farbar) C:\Users\Vlado\Desktop\FRST64.exe
2018-11-02 18:30 - 2018-11-02 18:30 - 062774584 _____ (Skype Technologies S.A.) C:\Users\Vlado\Downloads\Skype-8.33.0.50.exe
2018-11-02 18:30 - 2018-11-02 18:30 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-02 18:30 - 2018-11-02 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-30 18:14 - 2018-10-30 18:15 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Game
2018-10-30 18:14 - 2018-10-30 18:14 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-10-30 18:11 - 2018-10-30 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy
2018-10-30 12:28 - 2018-10-30 12:28 - 000241060 _____ C:\Users\Vlado\Downloads\absolutne-poradie-hhbd-2018.pdf
2018-10-29 17:42 - 2018-10-29 17:42 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000002032 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000000000 ____D C:\Program Files\Zoner
2018-10-29 17:12 - 2018-10-29 17:27 - 167571348 _____ C:\Users\Vlado\Downloads\Zoner Photo Studio X 19.1809.2.83.rar
2018-10-29 17:09 - 2018-10-29 17:09 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-26 16:55 - 2018-10-26 16:56 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:56 - 000002288 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2018-10-26 16:55 - 2018-01-30 14:19 - 000207248 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2018-10-26 16:55 - 2017-11-08 23:43 - 000191448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000281056 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000125920 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000336352 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000135648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000123360 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000118240 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000091616 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000211936 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000126432 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000121312 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000108000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000159200 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000129504 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2018-10-26 16:55 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2018-10-25 20:11 - 2018-10-29 17:59 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-25 20:10 - 2018-10-26 16:53 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-23 17:12 - 2018-10-29 17:08 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-23 17:12 - 2018-10-23 17:12 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbamtray
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbam
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-23 17:11 - 2018-10-23 17:11 - 080022264 _____ (Malwarebytes ) C:\Users\Vlado\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-10-21 14:10 - 2018-10-21 14:10 - 000000000 ____D C:\Users\Vlado\AppData\Local\PAYDAY
2018-10-21 11:50 - 2018-10-23 17:33 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Twitch
2018-10-21 11:50 - 2018-10-21 11:50 - 000000979 _____ C:\Users\Vlado\Desktop\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000965 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000000 ____D C:\ProgramData\Twitch
2018-10-21 11:49 - 2018-10-21 11:49 - 087447456 _____ C:\Users\Vlado\Downloads\TwitchSetup_[usher-268306925].exe
2018-10-18 15:29 - 2018-10-18 15:29 - 000000000 ____D C:\WINDOWS\Panther
2018-10-18 14:56 - 2018-10-18 14:56 - 000654652 _____ C:\Users\Vlado\Downloads\Cennk_W177_2018_07_27_akt.pdf
2018-10-12 18:29 - 2018-10-12 18:29 - 000000000 _____ C:\Users\Public\Shared Files
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\EasyAntiCheat
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Local\FortniteGame
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngineLauncher
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\EpicGamesLauncher
2018-10-12 17:59 - 2018-10-12 18:00 - 000000000 ____D C:\ProgramData\Epic
2018-10-12 17:59 - 2018-10-12 17:59 - 033542144 _____ C:\Users\Vlado\Downloads\EpicInstaller-7.16.0-fortnite-d0fd3d3521c2463284ba9773051cf181.msi
2018-10-09 18:13 - 2018-10-09 18:13 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009696768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 004588032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 001050640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 000918496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-08 17:18 - 2018-10-08 17:18 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-10-07 15:52 - 2018-10-07 15:52 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-10-07 15:49 - 2018-10-03 04:31 - 035296480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 029972128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 015907904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 013202672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 001167560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:32 - 001998200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001507944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001455176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001122376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000631368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000521904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 019704344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 016983304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 004249912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 002018352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 001468360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 040253672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 035151592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004310984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-06 14:28 - 2018-10-06 14:28 - 002146496 _____ (Panda Security, S.L.) C:\Users\Vlado\Downloads\PANDAFREEAV.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-04 09:22 - 2018-10-03 16:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-04 09:22 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-04 09:22 - 2018-06-09 19:06 - 000000000 ____D C:\Users\Vlado\AppData\Local\CrashDumps
2018-11-03 17:50 - 2018-10-03 16:38 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-03 17:50 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-11-03 17:46 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-03 17:45 - 2018-07-11 19:05 - 000000000 ____D C:\Users\Vlado\Documents\YouCam
2018-11-03 17:45 - 2018-05-25 07:10 - 000000000 ___RD C:\Users\Vlado\OneDrive
2018-11-03 17:44 - 2018-10-03 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-03 17:44 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-03 17:44 - 2018-05-25 07:08 - 000000000 __SHD C:\Users\Vlado\IntelGraphicsProfiles
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\IObit
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Program Files (x86)\IObit
2018-11-03 11:59 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-03 11:59 - 2018-06-03 19:03 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\uTorrent
2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-02 18:30 - 2018-05-24 18:46 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Skype
2018-11-02 17:26 - 2018-05-25 16:14 - 000000000 ____D C:\Users\Vlado\AppData\LocalLow\Mozilla
2018-10-31 15:37 - 2018-05-25 07:28 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-31 15:37 - 2018-05-25 07:28 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-30 20:41 - 2018-07-21 10:22 - 000000000 ____D C:\ProgramData\ProductData
2018-10-30 18:19 - 2018-05-25 13:32 - 000000000 ____D C:\Users\Vlado\Desktop\hry
2018-10-29 17:59 - 2018-10-03 16:07 - 000595704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Zoner
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Local\Zoner
2018-10-29 17:07 - 2018-06-08 18:41 - 000000000 ____D C:\Users\Vlado\Documents\FLiNGTrainer
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Panda Security
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-10-26 16:55 - 2018-05-25 07:30 - 000000000 ____D C:\ProgramData\Panda Security
2018-10-26 16:53 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-26 16:07 - 2018-09-15 07:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-10-26 14:34 - 2018-07-12 18:26 - 000000000 ____D C:\Users\Vlado\Desktop\praca
2018-10-25 20:09 - 2018-08-22 13:41 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-10-25 19:57 - 2018-05-24 21:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-22 14:33 - 2018-05-25 14:23 - 000000000 ____D C:\Users\Vlado\AppData\Local\PlaceholderTileLogoFolder
2018-10-22 14:33 - 2018-05-25 07:08 - 000000000 ____D C:\Users\Vlado\AppData\Local\Packages
2018-10-21 14:10 - 2018-05-25 10:37 - 000000000 ____D C:\Users\Vlado\AppData\Local\D3DSCache
2018-10-21 13:34 - 2018-05-25 12:02 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-19 14:29 - 2018-06-05 14:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA
2018-10-18 14:50 - 2018-10-03 16:12 - 000004218 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1533206182
2018-10-18 14:50 - 2018-08-02 11:36 - 000001377 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-10-17 16:41 - 2018-10-03 16:12 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-06-07 16:01 - 000001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-16 14:09 - 2018-10-03 16:12 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3757017093-2623875683-488815004-1001
2018-10-16 14:09 - 2018-10-03 16:08 - 000002374 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-16 06:46 - 2018-07-11 06:52 - 000000000 ____D C:\ProgramData\Packages
2018-10-14 12:11 - 2018-08-11 16:33 - 000000000 ____D C:\Users\Vlado\AppData\Local\ElevatedDiagnostics
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 __SHD C:\Users\Public\Libraries
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 ____D C:\PerfLogs
2018-10-12 18:22 - 2018-06-24 13:28 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-10-12 18:00 - 2018-06-24 13:29 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngine
2018-10-12 18:00 - 2017-09-01 09:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-10 21:04 - 2018-05-24 16:50 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 002248232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-10-10 19:22 - 2018-05-24 16:49 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-10-10 17:55 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 16:32 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-10-09 18:15 - 2018-05-24 20:33 - 000000000 ___RD C:\Users\Vlado\3D Objects
2018-10-09 18:15 - 2017-03-23 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-09 18:12 - 2018-05-24 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 18:11 - 2018-05-24 19:21 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-07 15:53 - 2018-06-09 18:52 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Origin
2018-10-07 15:52 - 2018-05-24 18:21 - 000000000 ____D C:\ProgramData\Origin
2018-10-07 15:43 - 2018-05-24 17:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA Corporation
2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
2018-10-06 10:54 - 2018-10-03 16:13 - 000000000 ____D C:\Users\Vlado\AppData\Local\PackageStaging

==================== Files in the root of some directories =======

2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#9 Post by superjano »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Vlado (04-11-2018 09:23:09)
Running from C:\Users\Vlado\Desktop
Windows 10 Home Version 1809 17763.55 (X64) (2018-10-03 15:12:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3757017093-2623875683-488815004-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3757017093-2623875683-488815004-503 - Limited - Disabled)
Guest (S-1-5-21-3757017093-2623875683-488815004-501 - Limited - Disabled)
vladi (S-1-5-21-3757017093-2623875683-488815004-1002 - Limited - Disabled)
Vlado (S-1-5-21-3757017093-2623875683-488815004-1001 - Administrator - Enabled) => C:\Users\Vlado
WDAGUtilityAccount (S-1-5-21-3757017093-2623875683-488815004-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.9.389 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0609.0 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
IntelliJ IDEA Community Edition 2018.1.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 2018.1.4) (Version: 181.5087.20 - JetBrains s.r.o.)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.1 (64-bit) (HKLM\...\{398EFBE6-18DB-5E47-8E12-481F95602239}) (Version: 10.0.1.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
Malwarebytes verzia 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 sk)) (Version: 52.9.1 - Mozilla)
Mp3 Knife 3.6 (HKLM-x32\...\Mp3 Knife_is1) (Version: - )
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Grafický ovládač 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.13.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.06.00.0000 - Panda Security)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.0.277 - Jan Fiala)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.08.14 - )
Skype verzia 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DA171DF3-18B3-446E-BCA6-C08069850FD2}) (Version: 2.36.0.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wampserver64 3.1.3 (HKLM\...\{wampserver64}_is1) (Version: 3.1.3 - Dominique Ottello aka Otomatic)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.83 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3757017093-2623875683-488815004-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
Task: {1027A0C0-6249-488F-B5B7-C7AB90A8812B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0db23bb4-3d2e-44d7-b598-7b659495698e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {12071C65-54A4-4822-8683-D35EB1B2005B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {22A08B7B-27DE-4875-B1E3-587E89281CB9} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {24147196-F148-4414-BAA3-84F4086678C4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {26936037-4BBC-4AB6-ACFD-20F442529B8D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {2BA4990F-63BC-4098-BC11-7AA3366877BD} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {2BAECA55-3440-4F72-99AF-F9695C22999B} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [2017-02-17] (CyberLink Corp.)
Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
Task: {3992C315-B865-4E7B-A1CC-11D19321249E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {3CFBAD3E-48DD-48C9-B02F-B802A35B6E10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {4210AA6E-C6EB-49FA-AA8F-A826399FB842} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-26] (Oracle Corporation)
Task: {43541FE9-F60F-4B6B-A83B-62A287A0D29A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {45A5D1A0-4C0D-4F51-8948-924A5446C6A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {54F2C3FE-F04A-410A-95D0-65E1C7898736} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [2016-09-20] (CyberLink Corp.)
Task: {56EED081-2D86-4E41-983C-B91C57B3A2D7} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {59755BA5-9624-4640-BF46-556DC0606B7B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-05-16] (Lenovo Group Limited)
Task: {6558F66E-7601-4DEB-AC5B-5399FAB139E0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {66ED0933-0C60-4302-809A-40FA3BE7AC52} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {7BBACDAD-FBB5-4829-ABCB-28983B4472B5} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {7D3282C1-94F6-42DC-9345-CF7ABE06F128} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {85E478DC-F5E8-4448-A105-404805B6D7CB} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2016-10-07] (CyberLink)
Task: {9E8582DB-3FE4-4001-85BA-7654A14AC5BF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3757017093-2623875683-488815004-1001 => C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2018-07-12] (Lenovo Group Limited)
Task: {A0E3D73F-0DBC-4EBF-817A-197D899120A1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {A4C36156-0A2A-44AB-9D12-E1EF2520F08B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {AA941A00-FF1A-4E45-83D4-8F64C5484B46} - System32\Tasks\Opera scheduled Autoupdate 1533206182 => C:\Users\Vlado\AppData\Local\Programs\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {AF062956-773D-41A0-B360-9BDBEAA847DD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {B2F71228-4D26-46B7-A9F9-E8EF9A0F7902} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\981cad70-55aa-4a75-90a5-d366c11f497b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {B634BED0-642C-44EE-8A2A-3A01D716376C} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-RSV8O8AU-Vlado => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {BD3A9133-3583-4419-BFC7-7FC6B3385588} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\63297ddb-40ab-483d-a961-b097985b17f1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {CFD971BD-2FD9-4FD7-9B91-6E33155BD959} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9a0cec26-4570-49b6-ad8e-70f31e4d0c79 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {D9D26A02-FA26-4ED9-ADBA-325E815CA401} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {DBB2DE08-B57B-4256-8209-9A7870A1F2D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {E1ECC927-DB3C-43E5-A6E0-8D0557700280} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E4A3CDB7-B2EA-45B8-8413-85BCA79CFFCA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
Task: {EBE6AFFF-819E-422C-93FE-141F8039D43A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F48A93C7-0AC1-477D-9CC9-05B6FF876EF4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-20 07:28 - 2018-04-20 07:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-05-24 16:50 - 2018-10-10 21:04 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-06 08:58 - 2018-10-06 08:58 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 20:03 - 2018-07-31 20:03 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-10-16 06:46 - 2018-10-16 06:46 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-28 09:44 - 2018-09-28 09:44 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 000744960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-12-15 18:17 - 2015-12-15 18:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2018-05-24 16:50 - 2018-10-10 21:04 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-11-08 23:44 - 2017-11-08 23:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-01 10:01 - 2016-09-21 02:18 - 000763160 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2016-09-21 17:18 - 2016-09-21 17:18 - 000027416 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2018-08-28 08:03 - 000000039 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{4A657D30-48DD-49D4-941F-19AA835D963E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{431D9480-F941-43CD-84EE-16C238200098}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{AB251334-F56A-4EC2-B316-3A6B4FE7B4AB}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6A9EFC3C-245C-4B76-9444-B21427EA7489}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6D9B0408-F6D0-46D4-87DA-488CFC62BB1C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{E95A6C60-6B2D-44B8-B31C-3B78CFD6E555}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{1274C712-D20A-47DD-8E08-C1435A17D495}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1A835E84-F589-4E9A-B107-FB4E33EB873F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C65DAB93-79C7-4307-AA4F-8E6C5703FA96}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{00055E0F-2CD2-43C4-8BB3-DE02A528B10F}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [UDP Query User{7D2486D2-0C46-411A-AA00-EF269556A928}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [TCP Query User{19483868-FFF5-417A-86D2-B7A23502BB78}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [{EDF0FCA6-FFED-42A9-871E-8F4E38AAFB28}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [{DE496691-EA16-4EAD-AD06-0EAE5DCC9443}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [UDP Query User{6D1547C7-78DC-482A-BD6C-3A259F437E03}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [TCP Query User{172B2438-F0F2-4EF0-AB48-3F4D404BF57E}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [{C1ADB3BA-9C22-4BE4-9528-0812BF0A3607}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{253D4F21-4642-41AD-8128-72F102DD974A}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF2E295-3385-4A16-A621-F40DDFECC6F6}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{5CCF74F7-E30A-4062-8E72-B5D73E0AA021}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{A37C800D-AC21-408D-B0D2-DE6EDDD4B601}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{45DBD737-5612-4908-87FD-6D59DAEC0851}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{7EC6F359-80FA-4428-8EB7-245A7118D163}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{84D1DAC0-E98E-423C-976E-71151C95AEB0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{0EA1205B-33AF-43DB-9E9C-A16C89D4BE52}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{9A8B6EE1-36B9-4C7D-BCC0-4E9A5D9DC55D}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D911C9BE-6114-403A-BB12-17FA91ABB9C7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{589DF1BB-7CD4-46D8-A782-981AB9DBD926}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{CF279844-9533-417C-8951-07598E6C3D46}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{077A0052-4375-42F0-AC4E-1A60A1FE9B23}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{487AD269-CDB0-4B75-8B9A-CD0C036AE209}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [TCP Query User{BEE98D3F-736C-4F81-AE02-D3C5E45C33EB}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [{60533DA9-E436-40F6-930C-302475A55D53}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1692B04D-1880-4AFF-BEC3-117D6EEA02D3}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{BA74158A-0143-43E7-B602-817FC40574F9}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [TCP Query User{E4A01E9E-A6FA-4C3B-B583-F04F08B1716E}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{148CDC88-105A-4D2C-8538-B96A0D03085F}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{30F60D78-12B7-4E49-A0C0-07A353109CCD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{D824CF6B-6CD6-4015-89D8-60C4531F62D8}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe
FirewallRules: [{DD22045F-B7A8-4AA3-AE67-7C1C18F7EC4E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe
FirewallRules: [{2320B517-FFD2-4A31-828B-8600CDAA0C30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{6C718409-E3DB-4FDA-BA3D-00D74BA36709}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{A2CB94DF-CFED-46FB-89D1-6F6BA3F91322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BCA79690-9548-4F58-86D2-FFC281F359D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DB8551C2-5186-4318-84F1-6EF4A997ABD7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [{D23853C9-CE97-4D5F-8855-9A4C88C80106}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [TCP Query User{91F907F7-6BD0-441D-BD21-EC2537B3CE45}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{18753799-EFE7-40A4-B3AA-FF5D7455FF96}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{F5E75EFB-03BA-4C34-B300-8CFB0A3F5C78}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{ABE4A2C4-61F3-4E94-9227-861DDA45AAC3}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{B19B70C1-CC9A-4E9B-A304-7B7FE270E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D3AE4F9-6A5A-46DC-9407-52D51A72488F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D9D4303F-86AB-4E3F-94D5-E298930190B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02A08203-96AB-4371-A717-5CCAEB100E50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4D87973-842F-4F92-81F8-33AAE66EB09D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{6B1093CF-83D0-40D6-8678-6B46AD0CA548}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{DDFF5692-9EFD-4E87-B3DE-2CD8E0CB8B3B}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [UDP Query User{1F72E36A-2D6A-426F-9D18-40403EBDCC01}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [{39EB1E2B-1E5C-4B00-A4DC-F267E3303F52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98E419C8-FC37-49C3-A35E-99297392CDD1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{68854484-676A-45D4-A3D7-9A6EB9F00C65}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

20-10-2018 17:36:15 Scheduled Checkpoint
29-10-2018 19:34:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/04/2018 09:22:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0xfa8
Čas spustenia chybujúcej aplikácie: 0x01d4741780d6724e
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 69a4748f-e8e8-48e0-8048-64f10139cf41
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 07:23:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x2ae4
Čas spustenia chybujúcej aplikácie: 0x01d473a263614a45
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 616f4b33-c125-4b81-9723-dd427f7ada5e
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:52:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.Photos.exe, verzia: 2018.18081.14710.0, časová značka: 0x5b9d00b1
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x224c
Čas spustenia chybujúcej aplikácie: 0x01d473959f5e3aed
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f8dc6afa-d569-4b5f-ac5d-81f0617adb70
Celé meno chybujúceho balíka: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:48:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Lenovo.Discovery.exe, verzia: 4.15.58.0, časová značka: 0x5baa06c7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0x30bd5043
Kód výnimky: 0x00000004
Odstup chyby: 0x0011aaf2
Identifikácia chybujúceho procesu: 0x3780
Čas spustenia chybujúcej aplikácie: 0x01d4739503e85c19
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.15.58.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 71138a22-48f7-483e-8e41-1ee9127e876e
Celé meno chybujúceho balíka: E046963F.LenovoCompanion_4.15.58.0_x86__k1h2ywk1493x8
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:46:11 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (11/03/2018 05:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x2a88
Čas spustenia chybujúcej aplikácie: 0x01d473949456211c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: cf68c18d-2c3f-4d32-90da-a8ecf92b96b6
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x25ac
Čas spustenia chybujúcej aplikácie: 0x01d47394916888ab
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: cf9c90a7-9ca0-4894-857b-08851d3ae21d
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:43:37 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.


System errors:
=============
Error: (11/03/2018 07:29:24 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 07:25:52 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 07:24:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:51:25 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:51:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:49:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:48:45 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:45:20 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-10-06 15:30:34.243
Description:
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===================================

Date: 2018-11-03 17:44:58.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:44:58.315
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:44:58.277
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:44:58.251
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.172
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.147
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.114
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.089
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 42%
Total physical RAM: 8066.72 MB
Available physical RAM: 4641.46 MB
Total Virtual: 10370.72 MB
Available Virtual: 6042.98 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:114.6 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.3 GB) NTFS
Drive f: (ADATA SD700) (Fixed) (Total:476.81 GB) (Free:16.49 GB) NTFS

\\?\Volume{676dd2e4-2b86-4b52-b7a7-dc761b15a2ee}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{21294cef-89f6-4a88-8ffc-be5addb5d57b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3D0E3B36)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: C0C1D248)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: request for a check

#10 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
    File: c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
    File: c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FIFA18_is1
    
    HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
    HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
    CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
    CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
    S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
    2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\IObit
    2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Program Files (x86)\IObit
    2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
    2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
    2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
    Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
    Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
    Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
    Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
    AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
    AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]
    HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
    C:\Program Files\Common Files\AVG
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\Vlado\AppData\Roaming\IObit
    C:\Users\Vlado\AppData\LocalLow\IObit
    C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices; otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: request for a check

#11 Post by superjano »

Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Vlado (04-11-2018 16:12:04) Run:1
Running from C:\Users\Vlado\Desktop
Loaded Profiles: Vlado (Available Profiles: Vlado)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File: c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
File: c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FIFA18_is1

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\IObit
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Program Files (x86)\IObit
2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
C:\Program Files\Common Files\AVG

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Vlado\AppData\Roaming\IObit
C:\Users\Vlado\AppData\LocalLow\IObit
C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 255
Average :
Sum : 199452279
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================

C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-04-20 07:28 - 2018-04-20 07:28
Size: 000190784
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/bbe3aee ... 540540578/

====== End of File: ======


========================= File: c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe ========================

c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
File not signed
MD5: 8F4F711DDA9CD13BFFD206B9BB0CF126
Creation and modification date: 2018-08-28 08:01 - 2018-03-18 12:59
Size: 000030720
Attributes: ----A
Company Name: Apache Software Foundation
Internal Name: httpd.exe
Original Name: httpd.exe
Product: Apache HTTP Server
Description: Apache HTTP Server
File Version: 2.4.33
Product Version: 2.4.33
Copyright: Copyright 2018 The Apache Software Foundation.
VirusTotal: https://www.virustotal.com/file/d4bd7c9 ... 541143161/

====== End of File: ======


========================= File: c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe ========================

c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe
File not signed
MD5: F93B6B614AA4DAA64C3D4EA2A08C8D6A
Creation and modification date: 2018-08-28 08:00 - 2017-12-28 05:48
Size: 039551488
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version: 5.7.21.0
Product Version: 5.7.21.0
Copyright:
VirusTotal: https://www.virustotal.com/file/5cf03db ... 528513596/

====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FIFA18_is1]
"Inno Setup: Setup Version"="5.5.1.ee2 (u)"
"Inno Setup: App Path"="F:\games\FIFA18"
"InstallLocation"="F:\games\FIFA18\"
"Inno Setup: Icon Group"="FIFA18"
"Inno Setup: User"="Vlado"
"Inno Setup: Selected Tasks"=""
"Inno Setup: Deselected Tasks"="desktopicon"
"Inno Setup: Language"="eng"
"DisplayName"="FIFA18 version 1.0"
"UninstallString"=""F:\games\FIFA18\unins000.exe""
"UninstallDataFile"="F:\games\FIFA18\unins000.dat"
"QuietUninstallString"=""F:\games\FIFA18\unins000.exe" /SILENT"
"DisplayVersion"="1.0"
"Publisher"="STEAMPUNKS"
"Comments"="FIFA18"
"NoModify"="1"
"NoRepair"="1"
"InstallDate"="20180706"
"MajorVersion"="1"
"MinorVersion"="0"
"EstimatedSize"="1468"

=== End of ExportKey ===
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
"Chrome NewTab" => removed successfully
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => removed successfully
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak => removed successfully
HKLM\System\CurrentControlSet\Services\IUFileFilter => removed successfully
IUFileFilter => service removed successfully
C:\Users\Vlado\AppData\Roaming\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\Users\Vlado\AppData\Local\Avg => moved successfully
C:\ProgramData\AVG => moved successfully
C:\Users\Vlado\AppData\Local\oobelibMkey.log => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34B24E69-99BD-4CD5-BC9A-B424095E1987}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34B24E69-99BD-4CD5-BC9A-B424095E1987}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{38EC323B-A7C1-4FC5-978E-1E9232D6646C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38EC323B-A7C1-4FC5-978E-1E9232D6646C}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDBE53CC-A3AF-44ED-B8CB-972D5840D803}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDBE53CC-A3AF-44ED-B8CB-972D5840D803}" => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Vlado\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\Vlado\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile => removed successfully
C:\Program Files\Common Files\AVG => moved successfully
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
"C:\Users\Vlado\AppData\Roaming\IObit" => not found
C:\Users\Vlado\AppData\LocalLow\IObit => moved successfully

=========== "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

"C:\Windows\IObit" => not found
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62372688 B
Java, Flash, Steam htmlcache => 149624292 B
Windows/system/drivers => 936311 B
Edge => 2086528 B
Chrome => 272254626 B
Firefox => 0 B
Opera => 873948 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3610 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Vlado => 20538947 B

RecycleBin => 0 B
EmptyTemp: => 495.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:12:40 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#12 Post by Conder »

How is the PC doing? Has anything changed, or are there still any problems?

There are still some leftovers from AVG on the PC, which was apparently uninstalled, so clean them up with AVG Remover: http://files-download.avg.com/util/tool ... emover.exe
  • Download it, save it to the desktop, run it as administrator, click Continue under "AVG Remover", leave both options checked and click Remove, then let the PC restart
  • After the PC restarts, open the C: drive and delete the "AVG_Remover" folder
  • English guide with pictures (part C): https://support.avg.com/SupportArticleV ... nstall-AVG

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#13 Post by superjano »

The thing is, when I launch Lenovo Vantage, a window flashes and disappears; the same happens when I launch that shield with the green check mark in the right corner by the clock, the security center, I don't know exactly what it's called :)

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: please check

#14 Post by Conder »

Run a system file integrity check:
  • Open Start, type "cmd" (without the quotes), right-click Command Prompt and click Run as administrator
  • Copy and run this command:

    DISM.exe /Online /Cleanup-image /Restorehealth
  • When it finishes, copy and run the second command:

    sfc /scannow
  • When both commands have finished, copy and run this command:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log "%userprofile%\desktop\dism.txt"
  • The files sfcdetails.txt and dism.txt will be created on the desktop; pack these files into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC and write how the PC behaves

superjano
Visitor
Posts: 64
Registered: 16 Aug 2005 23:08

Re: please check

#15 Post by superjano »

The problem persists, nothing has changed; Lenovo Vantage doesn't work and neither does the shield with the green check mark. :(
Attachments
Desktop.rar
there are 2 files in it
(5.63 KiB) Downloaded 67 times
