Re: preventivka
Napsal: 08 bře 2018 18:10
Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by ver.lips (08-03-2018 18:01:36) Run:1
Running from C:\Users\ver.lips\Desktop
Loaded Profiles: ver.lips & postgres (Available Profiles: ver.lips & postgres)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
GroupPolicyScripts: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
SearchScopes: HKLM-x32 -> DefaultScope {4961737D-861D-4372-89FA-66C84BD325E2} URL =
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> DefaultScope {4961737D-861D-4372-89FA-66C84BD325E2} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN28310550159000651&UM=4
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=v ... earchTerms}
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> {4961737D-861D-4372-89FA-66C84BD325E2} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN28310550159000651&UM=4
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> {7569F2ED-27BC-4F80-BD21-EFE94AFEC867} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\ver.lips\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll No File
Toolbar: HKLM-x32 - No Name - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - No File
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
S3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
2018-03-08 15:26 - 2017-03-20 22:54 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-03-08 15:26 - 2014-07-12 17:09 - 000000000 ____D C:\ProgramData\McAfee
2018-03-06 18:13 - 2016-03-27 17:45 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-03-06 17:26 - 2016-03-27 17:43 - 000000000 ____D C:\ProgramData\Panda Security
2018-03-06 17:24 - 2016-03-27 17:48 - 000000000 ____D C:\Users\ver.lips\AppData\Roaming\Panda Security
2018-03-06 14:29 - 2016-03-27 17:49 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2018-03-06 12:31 - 2016-03-27 17:49 - 000000000 ____D C:\ProgramData\panda_url_filtering
2018-02-14 20:08 - 2017-03-20 22:54 - 000000000 ____D C:\Program Files (x86)\McAfee
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> No File
Task: {34B69255-57F6-4E3C-8D15-B6073ADC3083} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {45A7F60F-BE23-40AD-95C9-0A4DF4D99282} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {53DDE7F8-C48B-4CA7-B682-8C118F3D6049} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {581F155B-96BE-467D-AA31-D4E8788D3A37} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5EC060D1-B287-48F6-81AF-6F18C95D949C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {62F3BF94-35C1-44ED-818F-132096B280C7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {71D63B10-FC60-432F-B5E9-B1DAD9CE8240} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7DF82D22-E287-4BA1-8091-05412FE6F532} - \WPD\SqmUpload_S-1-5-21-2580292674-1686849953-1872125729-1001 -> No File <==== ATTENTION
Task: {7E0FF635-009B-4615-B248-1DC3618CF8C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AF9E6BE1-566A-4500-BD8C-B738BBB22D43} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B309D1D0-89D9-4454-906B-441DC89D821C} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {BE2E1E27-7E72-48D3-97D1-FA49DBD60E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C5A4D2A8-7DA5-49F8-AA8A-03C914B148B1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DB06B686-13DE-4314-802C-4305C85B8DE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E264FF90-4C00-49C2-92E3-B4187460F313} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E5F211C8-6D95-4DCA-9342-6E732975DCD4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {F79AD21F-DCCB-49CA-8613-542CB26C3CEE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
IE trusted site: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\sharepoint.com -> hxxps://vse-files.sharepoint.com
C:\Program Files\TrueKey
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
C:\Program Files (x86)\pandasecuritytb
C:\Users\ver.lips\AppData\LocalLow\BS_Player_ControlBar_B
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\ProgramData\McAfee Security Scan
C:\Program Files\McAfee Security Scan
C:\Program Files\McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" => removed successfully
HKLM\Software\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => not found
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4961737D-861D-4372-89FA-66C84BD325E2}" => removed successfully
HKLM\Software\Classes\CLSID\{4961737D-861D-4372-89FA-66C84BD325E2} => not found
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7569F2ED-27BC-4F80-BD21-EFE94AFEC867}" => removed successfully
HKLM\Software\Classes\CLSID\{7569F2ED-27BC-4F80-BD21-EFE94AFEC867} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => removed successfully
HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{31264a33-a653-46c4-af49-1232c59a7da5}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => removed successfully
"HKLM\System\CurrentControlSet\Services\panda_url_filteringd" => removed successfully
panda_url_filteringd => service removed successfully
"HKLM\System\CurrentControlSet\Services\intaud_WaveExtensible" => removed successfully
intaud_WaveExtensible => service removed successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files (x86)\Panda Security => moved successfully
C:\ProgramData\Panda Security => moved successfully
C:\Users\ver.lips\AppData\Roaming\Panda Security => moved successfully
C:\Program Files\Panda Security URL Filtering => moved successfully
C:\ProgramData\panda_url_filtering => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully
"HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75}" => removed successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34B69255-57F6-4E3C-8D15-B6073ADC3083}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34B69255-57F6-4E3C-8D15-B6073ADC3083}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45A7F60F-BE23-40AD-95C9-0A4DF4D99282}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45A7F60F-BE23-40AD-95C9-0A4DF4D99282}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53DDE7F8-C48B-4CA7-B682-8C118F3D6049}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53DDE7F8-C48B-4CA7-B682-8C118F3D6049}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{581F155B-96BE-467D-AA31-D4E8788D3A37}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{581F155B-96BE-467D-AA31-D4E8788D3A37}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5EC060D1-B287-48F6-81AF-6F18C95D949C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EC060D1-B287-48F6-81AF-6F18C95D949C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62F3BF94-35C1-44ED-818F-132096B280C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62F3BF94-35C1-44ED-818F-132096B280C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71D63B10-FC60-432F-B5E9-B1DAD9CE8240}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71D63B10-FC60-432F-B5E9-B1DAD9CE8240}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DF82D22-E287-4BA1-8091-05412FE6F532}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DF82D22-E287-4BA1-8091-05412FE6F532}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2580292674-1686849953-1872125729-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E0FF635-009B-4615-B248-1DC3618CF8C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E0FF635-009B-4615-B248-1DC3618CF8C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF9E6BE1-566A-4500-BD8C-B738BBB22D43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF9E6BE1-566A-4500-BD8C-B738BBB22D43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B309D1D0-89D9-4454-906B-441DC89D821C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B309D1D0-89D9-4454-906B-441DC89D821C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE2E1E27-7E72-48D3-97D1-FA49DBD60E49}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE2E1E27-7E72-48D3-97D1-FA49DBD60E49}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5A4D2A8-7DA5-49F8-AA8A-03C914B148B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5A4D2A8-7DA5-49F8-AA8A-03C914B148B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB06B686-13DE-4314-802C-4305C85B8DE1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB06B686-13DE-4314-802C-4305C85B8DE1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E264FF90-4C00-49C2-92E3-B4187460F313}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E264FF90-4C00-49C2-92E3-B4187460F313}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5F211C8-6D95-4DCA-9342-6E732975DCD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5F211C8-6D95-4DCA-9342-6E732975DCD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F79AD21F-DCCB-49CA-8613-542CB26C3CEE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F79AD21F-DCCB-49CA-8613-542CB26C3CEE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => removed successfully
"C:\Program Files\TrueKey" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk" => not found
"C:\Program Files (x86)\pandasecuritytb" => not found
"C:\Users\ver.lips\AppData\LocalLow\BS_Player_ControlBar_B" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus" => not found
"C:\ProgramData\McAfee Security Scan" => not found
"C:\Program Files\McAfee Security Scan" => not found
"C:\Program Files\McAfee" => not found
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621" => removed successfully
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb" => removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 902983765 B
Java, Flash, Steam htmlcache => 1281 B
Windows/system/drivers => 9637546 B
Edge => 1237 B
Chrome => 18229103 B
Firefox => 399621617 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 107 B
LocalService => 8162 B
NetworkService => 0 B
ver.lips => 21677493 B
postgres => 0 B
RecycleBin => 1848359 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-03-2018 18:07:55)
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
==== End of Fixlog 18:07:55 ====
Ran by ver.lips (08-03-2018 18:01:36) Run:1
Running from C:\Users\ver.lips\Desktop
Loaded Profiles: ver.lips & postgres (Available Profiles: ver.lips & postgres)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
GroupPolicyScripts: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#/?show_is=1&source=art
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#/?show_is=1&source=art
SearchScopes: HKLM-x32 -> DefaultScope {4961737D-861D-4372-89FA-66C84BD325E2} URL =
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> DefaultScope {4961737D-861D-4372-89FA-66C84BD325E2} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN28310550159000651&UM=4
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.mystart.com/results.php?gen=ms&pr=v ... earchTerms}
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> {4961737D-861D-4372-89FA-66C84BD325E2} URL = hxxp://trovi.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3329621&CUI=UN28310550159000651&UM=4
SearchScopes: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001 -> {7569F2ED-27BC-4F80-BD21-EFE94AFEC867} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - BS Player ControlBar B Toolbar - {31264a33-a653-46c4-af49-1232c59a7da5} - C:\Users\ver.lips\AppData\LocalLow\BS_Player_ControlBar_B\prxtbBS_0.dll No File
Toolbar: HKLM-x32 - No Name - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - No File
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [No File]
S3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
2018-03-08 15:26 - 2017-03-20 22:54 - 000000000 ____D C:\Program Files\Common Files\McAfee
2018-03-08 15:26 - 2014-07-12 17:09 - 000000000 ____D C:\ProgramData\McAfee
2018-03-06 18:13 - 2016-03-27 17:45 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-03-06 17:26 - 2016-03-27 17:43 - 000000000 ____D C:\ProgramData\Panda Security
2018-03-06 17:24 - 2016-03-27 17:48 - 000000000 ____D C:\Users\ver.lips\AppData\Roaming\Panda Security
2018-03-06 14:29 - 2016-03-27 17:49 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2018-03-06 12:31 - 2016-03-27 17:49 - 000000000 ____D C:\ProgramData\panda_url_filtering
2018-02-14 20:08 - 2017-03-20 22:54 - 000000000 ____D C:\Program Files (x86)\McAfee
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> No File
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> No File
Task: {34B69255-57F6-4E3C-8D15-B6073ADC3083} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {45A7F60F-BE23-40AD-95C9-0A4DF4D99282} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {53DDE7F8-C48B-4CA7-B682-8C118F3D6049} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {581F155B-96BE-467D-AA31-D4E8788D3A37} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5EC060D1-B287-48F6-81AF-6F18C95D949C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {62F3BF94-35C1-44ED-818F-132096B280C7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {71D63B10-FC60-432F-B5E9-B1DAD9CE8240} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {7DF82D22-E287-4BA1-8091-05412FE6F532} - \WPD\SqmUpload_S-1-5-21-2580292674-1686849953-1872125729-1001 -> No File <==== ATTENTION
Task: {7E0FF635-009B-4615-B248-1DC3618CF8C0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AF9E6BE1-566A-4500-BD8C-B738BBB22D43} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B309D1D0-89D9-4454-906B-441DC89D821C} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {BE2E1E27-7E72-48D3-97D1-FA49DBD60E49} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C5A4D2A8-7DA5-49F8-AA8A-03C914B148B1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DB06B686-13DE-4314-802C-4305C85B8DE1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E264FF90-4C00-49C2-92E3-B4187460F313} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E5F211C8-6D95-4DCA-9342-6E732975DCD4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {F79AD21F-DCCB-49CA-8613-542CB26C3CEE} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
IE trusted site: HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\...\sharepoint.com -> hxxps://vse-files.sharepoint.com
C:\Program Files\TrueKey
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
C:\Program Files (x86)\pandasecuritytb
C:\Users\ver.lips\AppData\LocalLow\BS_Player_ControlBar_B
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
C:\ProgramData\McAfee Security Scan
C:\Program Files\McAfee Security Scan
C:\Program Files\McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Restore point was successfully created.
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}" => removed successfully
HKLM\Software\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => not found
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4961737D-861D-4372-89FA-66C84BD325E2}" => removed successfully
HKLM\Software\Classes\CLSID\{4961737D-861D-4372-89FA-66C84BD325E2} => not found
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7569F2ED-27BC-4F80-BD21-EFE94AFEC867}" => removed successfully
HKLM\Software\Classes\CLSID\{7569F2ED-27BC-4F80-BD21-EFE94AFEC867} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => removed successfully
HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\Software\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{31264a33-a653-46c4-af49-1232c59a7da5}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{31264a33-a653-46c4-af49-1232c59a7da5}" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{ccb24e92-62c4-4c53-95d2-65f9eed476bc}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{ccb24e92-62c4-4c53-95d2-65f9eed476bc} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
"HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => removed successfully
"HKLM\System\CurrentControlSet\Services\panda_url_filteringd" => removed successfully
panda_url_filteringd => service removed successfully
"HKLM\System\CurrentControlSet\Services\intaud_WaveExtensible" => removed successfully
intaud_WaveExtensible => service removed successfully
C:\Program Files\Common Files\McAfee => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Program Files (x86)\Panda Security => moved successfully
C:\ProgramData\Panda Security => moved successfully
C:\Users\ver.lips\AppData\Roaming\Panda Security => moved successfully
C:\Program Files\Panda Security URL Filtering => moved successfully
C:\ProgramData\panda_url_filtering => moved successfully
C:\Program Files (x86)\McAfee => moved successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully
"HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75}" => removed successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\UAContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\{A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34B69255-57F6-4E3C-8D15-B6073ADC3083}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34B69255-57F6-4E3C-8D15-B6073ADC3083}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{45A7F60F-BE23-40AD-95C9-0A4DF4D99282}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45A7F60F-BE23-40AD-95C9-0A4DF4D99282}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{53DDE7F8-C48B-4CA7-B682-8C118F3D6049}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{53DDE7F8-C48B-4CA7-B682-8C118F3D6049}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{581F155B-96BE-467D-AA31-D4E8788D3A37}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{581F155B-96BE-467D-AA31-D4E8788D3A37}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5EC060D1-B287-48F6-81AF-6F18C95D949C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EC060D1-B287-48F6-81AF-6F18C95D949C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62F3BF94-35C1-44ED-818F-132096B280C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62F3BF94-35C1-44ED-818F-132096B280C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71D63B10-FC60-432F-B5E9-B1DAD9CE8240}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71D63B10-FC60-432F-B5E9-B1DAD9CE8240}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7DF82D22-E287-4BA1-8091-05412FE6F532}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DF82D22-E287-4BA1-8091-05412FE6F532}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2580292674-1686849953-1872125729-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E0FF635-009B-4615-B248-1DC3618CF8C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E0FF635-009B-4615-B248-1DC3618CF8C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AF9E6BE1-566A-4500-BD8C-B738BBB22D43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF9E6BE1-566A-4500-BD8C-B738BBB22D43}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B309D1D0-89D9-4454-906B-441DC89D821C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B309D1D0-89D9-4454-906B-441DC89D821C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE2E1E27-7E72-48D3-97D1-FA49DBD60E49}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE2E1E27-7E72-48D3-97D1-FA49DBD60E49}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C5A4D2A8-7DA5-49F8-AA8A-03C914B148B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C5A4D2A8-7DA5-49F8-AA8A-03C914B148B1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB06B686-13DE-4314-802C-4305C85B8DE1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB06B686-13DE-4314-802C-4305C85B8DE1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E264FF90-4C00-49C2-92E3-B4187460F313}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E264FF90-4C00-49C2-92E3-B4187460F313}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5F211C8-6D95-4DCA-9342-6E732975DCD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5F211C8-6D95-4DCA-9342-6E732975DCD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F79AD21F-DCCB-49CA-8613-542CB26C3CEE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F79AD21F-DCCB-49CA-8613-542CB26C3CEE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKU\S-1-5-21-2580292674-1686849953-1872125729-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => removed successfully
"C:\Program Files\TrueKey" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk" => not found
"C:\Program Files (x86)\pandasecuritytb" => not found
"C:\Users\ver.lips\AppData\LocalLow\BS_Player_ControlBar_B" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus" => not found
"C:\ProgramData\McAfee Security Scan" => not found
"C:\Program Files\McAfee Security Scan" => not found
"C:\Program Files\McAfee" => not found
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IECT3329621" => removed successfully
"HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\pandasecuritytb" => removed successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 902983765 B
Java, Flash, Steam htmlcache => 1281 B
Windows/system/drivers => 9637546 B
Edge => 1237 B
Chrome => 18229103 B
Firefox => 399621617 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 107 B
LocalService => 8162 B
NetworkService => 0 B
ver.lips => 21677493 B
postgres => 0 B
RecycleBin => 1848359 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-03-2018 18:07:55)
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
==== End of Fixlog 18:07:55 ====
Vyzera to OK. Su este s PC nejake problemy?
