Please check

Posted: 03 Nov 2018 12:06
by superjano
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Vlado (administrator) on LAPTOP-RSV8O8AU (03-11-2018 11:56:27)
Running from C:\Users\Vlado\Desktop
Loaded Profiles: Vlado & (Available Profiles: Vlado)
Platform: Windows 10 Home Version 1809 17763.55 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
Failed to access process -> backgroundTaskHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lenovo Group Limited) C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.52_none_96d83ec8e9f322fc\TiWorker.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\Time.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [454072 2015-06-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{48fce1a9-e4b0-402e-8a6d-8e18fa3ad758}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{d53ff755-1670-4c93-bd8b-633392b9539b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-01-25] (IObit)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-24] (Oracle Corporation)

Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default [2018-11-03]
CHR Extension: (Prezentácie) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-25]
CHR Extension: (Dokumenty) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-25]
CHR Extension: (Disk Google) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (YouTube) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
CHR Extension: (Adblock Plus) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31]
CHR Extension: (Tabuľky) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-06-28]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\System Profile [2018-06-28]
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [414696 2018-01-08] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-10] ()
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-12] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 Origin Client Service; F:\origin\OriginClientService.exe [2216256 2018-09-13] (Electronic Arts)
S2 Origin Web Helper Service; F:\origin\OriginWebHelperService.exe [3087176 2018-09-13] (Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324552 2018-03-29] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] ()
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-08] (Qualcomm)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-09] (CyberLink)
R3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-29] (Malwarebytes)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [29256 2017-10-22] (ELAN Microelectronics Corp.)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-11-27] (Intel Corporation)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit.com)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-10-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-10-29] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-10-29] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-10-29] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-03] (Malwarebytes)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b0804a8322213783\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-23] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-17] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159200 2017-10-17] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-17] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek )
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snUVCg2.sys [1710128 2017-11-05] (Sonix Tech. Co., Ltd.)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 11:56 - 2018-11-03 11:56 - 000028869 _____ C:\Users\Vlado\Desktop\FRST.txt
2018-11-03 11:56 - 2018-11-03 11:56 - 000000000 ____D C:\FRST
2018-11-03 11:55 - 2018-11-03 11:55 - 002414592 _____ (Farbar) C:\Users\Vlado\Desktop\FRST64.exe
2018-11-03 11:52 - 2018-11-03 11:52 - 000000000 ___HD C:\OneDriveTemp
2018-11-02 18:30 - 2018-11-02 18:30 - 062774584 _____ (Skype Technologies S.A.) C:\Users\Vlado\Downloads\Skype-8.33.0.50.exe
2018-11-02 18:30 - 2018-11-02 18:30 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-02 18:30 - 2018-11-02 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-30 18:14 - 2018-10-30 18:15 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Game
2018-10-30 18:14 - 2018-10-30 18:14 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-10-30 18:11 - 2018-10-30 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy
2018-10-30 12:28 - 2018-10-30 12:28 - 000241060 _____ C:\Users\Vlado\Downloads\absolutne-poradie-hhbd-2018.pdf
2018-10-29 18:00 - 2018-11-03 11:53 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-10-29 18:00 - 2018-10-29 18:00 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-29 18:00 - 2018-10-29 18:00 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-10-29 18:00 - 2018-10-29 18:00 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-10-29 17:42 - 2018-10-29 17:42 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000002032 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000000000 ____D C:\Program Files\Zoner
2018-10-29 17:12 - 2018-10-29 17:27 - 167571348 _____ C:\Users\Vlado\Downloads\Zoner Photo Studio X 19.1809.2.83.rar
2018-10-29 17:09 - 2018-10-29 17:09 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-26 16:55 - 2018-10-26 16:56 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:56 - 000002288 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2018-10-26 16:55 - 2018-01-30 14:19 - 000207248 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2018-10-26 16:55 - 2017-11-08 23:43 - 000191448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000281056 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000125920 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000336352 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000135648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000123360 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000118240 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000091616 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000211936 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000126432 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000121312 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000108000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000159200 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000129504 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2018-10-26 16:55 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2018-10-25 20:11 - 2018-10-29 17:59 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-25 20:10 - 2018-10-26 16:53 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-23 17:12 - 2018-10-29 17:08 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-23 17:12 - 2018-10-23 17:12 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbamtray
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbam
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-23 17:11 - 2018-10-23 17:11 - 080022264 _____ (Malwarebytes ) C:\Users\Vlado\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-10-21 14:10 - 2018-10-21 14:10 - 000000000 ____D C:\Users\Vlado\AppData\Local\PAYDAY
2018-10-21 11:50 - 2018-10-23 17:33 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Twitch
2018-10-21 11:50 - 2018-10-21 11:50 - 000000979 _____ C:\Users\Vlado\Desktop\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000965 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000000 ____D C:\ProgramData\Twitch
2018-10-21 11:49 - 2018-10-21 11:49 - 087447456 _____ C:\Users\Vlado\Downloads\TwitchSetup_[usher-268306925].exe
2018-10-18 15:29 - 2018-10-18 15:29 - 000000000 ____D C:\WINDOWS\Panther
2018-10-18 14:56 - 2018-10-18 14:56 - 000654652 _____ C:\Users\Vlado\Downloads\Cennk_W177_2018_07_27_akt.pdf
2018-10-12 18:29 - 2018-10-12 18:29 - 000000000 _____ C:\Users\Public\Shared Files
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\EasyAntiCheat
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Local\FortniteGame
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngineLauncher
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\EpicGamesLauncher
2018-10-12 17:59 - 2018-10-12 18:00 - 000000000 ____D C:\ProgramData\Epic
2018-10-12 17:59 - 2018-10-12 17:59 - 033542144 _____ C:\Users\Vlado\Downloads\EpicInstaller-7.16.0-fortnite-d0fd3d3521c2463284ba9773051cf181.msi
2018-10-09 18:13 - 2018-10-09 18:13 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009696768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 004588032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 001050640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 000918496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-08 17:18 - 2018-10-08 17:18 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-10-07 15:52 - 2018-10-07 15:52 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-10-07 15:49 - 2018-10-03 04:31 - 035296480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 029972128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 015907904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 013202672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 001167560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:32 - 001998200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001507944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001455176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001122376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000631368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000521904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 019704344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 016983304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 004249912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 002018352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 001468360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 040253672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 035151592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004310984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-06 14:28 - 2018-10-06 14:28 - 002146496 _____ (Panda Security, S.L.) C:\Users\Vlado\Downloads\PANDAFREEAV.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-03 11:54 - 2018-06-09 19:06 - 000000000 ____D C:\Users\Vlado\AppData\Local\CrashDumps
2018-11-03 11:54 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-03 11:53 - 2018-07-11 19:05 - 000000000 ____D C:\Users\Vlado\Documents\YouCam
2018-11-03 11:52 - 2018-05-25 07:10 - 000000000 ___RD C:\Users\Vlado\OneDrive
2018-11-03 11:52 - 2018-05-25 07:08 - 000000000 __SHD C:\Users\Vlado\IntelGraphicsProfiles
2018-11-02 21:33 - 2018-10-03 16:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-02 18:37 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-02 18:30 - 2018-05-24 18:46 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Skype
2018-11-02 17:26 - 2018-05-25 16:14 - 000000000 ____D C:\Users\Vlado\AppData\LocalLow\Mozilla
2018-10-31 15:37 - 2018-05-25 07:28 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-31 15:37 - 2018-05-25 07:28 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-30 20:41 - 2018-07-21 10:22 - 000000000 ____D C:\ProgramData\ProductData
2018-10-30 18:19 - 2018-05-25 13:32 - 000000000 ____D C:\Users\Vlado\Desktop\hry
2018-10-29 18:06 - 2018-10-03 16:38 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-29 18:06 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-10-29 17:59 - 2018-10-03 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-29 17:59 - 2018-10-03 16:07 - 000595704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-29 17:59 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Zoner
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Local\Zoner
2018-10-29 17:07 - 2018-06-08 18:41 - 000000000 ____D C:\Users\Vlado\Documents\FLiNGTrainer
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Panda Security
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-10-26 16:55 - 2018-05-25 07:30 - 000000000 ____D C:\ProgramData\Panda Security
2018-10-26 16:53 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-26 16:07 - 2018-09-15 07:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-10-26 14:34 - 2018-07-12 18:26 - 000000000 ____D C:\Users\Vlado\Desktop\praca
2018-10-25 20:09 - 2018-08-22 13:41 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-10-25 19:57 - 2018-05-24 21:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-22 14:33 - 2018-05-25 14:23 - 000000000 ____D C:\Users\Vlado\AppData\Local\PlaceholderTileLogoFolder
2018-10-22 14:33 - 2018-05-25 07:08 - 000000000 ____D C:\Users\Vlado\AppData\Local\Packages
2018-10-21 14:10 - 2018-05-25 10:37 - 000000000 ____D C:\Users\Vlado\AppData\Local\D3DSCache
2018-10-21 13:34 - 2018-05-25 12:02 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-19 14:29 - 2018-06-05 14:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA
2018-10-18 14:50 - 2018-10-03 16:12 - 000004218 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1533206182
2018-10-18 14:50 - 2018-08-02 11:36 - 000001377 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-10-17 16:41 - 2018-10-03 16:12 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-06-07 16:01 - 000001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-16 14:09 - 2018-10-03 16:12 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3757017093-2623875683-488815004-1001
2018-10-16 14:09 - 2018-10-03 16:08 - 000002374 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-16 06:46 - 2018-07-11 06:52 - 000000000 ____D C:\ProgramData\Packages
2018-10-14 12:11 - 2018-08-11 16:33 - 000000000 ____D C:\Users\Vlado\AppData\Local\ElevatedDiagnostics
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 __SHD C:\Users\Public\Libraries
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 ____D C:\PerfLogs
2018-10-12 18:22 - 2018-06-24 13:28 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-10-12 18:00 - 2018-06-24 13:29 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngine
2018-10-12 18:00 - 2017-09-01 09:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-10 21:04 - 2018-05-24 16:50 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 002248232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-10-10 19:22 - 2018-05-24 16:49 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-10-10 17:55 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 16:32 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-10-09 18:15 - 2018-05-24 20:33 - 000000000 ___RD C:\Users\Vlado\3D Objects
2018-10-09 18:15 - 2017-03-23 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-09 18:12 - 2018-05-24 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 18:11 - 2018-05-24 19:21 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-07 15:53 - 2018-06-09 18:52 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Origin
2018-10-07 15:52 - 2018-05-24 18:21 - 000000000 ____D C:\ProgramData\Origin
2018-10-07 15:43 - 2018-05-24 17:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA Corporation
2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
2018-10-06 10:54 - 2018-10-03 16:13 - 000000000 ____D C:\Users\Vlado\AppData\Local\PackageStaging
2018-10-04 14:20 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat

==================== Files in the root of some directories =======

2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log

Some files in TEMP:
====================
2018-10-27 17:49 - 2018-10-27 17:49 - 000000000 _____ () C:\Users\Vlado\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-10-27 17:49 - 2018-10-27 17:49 - 000000016 _____ () C:\Users\Vlado\AppData\Local\Temp\a3b624dfdcbf7b62b2fec8d382197774.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: requesting a check

Posted: 03 Nov 2018 15:35
by Conder
Hi :)

:arrow: I recommend not using, and uninstalling, all programs from IObit (e.g. Driver Booster, Advanced SystemCare, Uninstaller, etc.) - they are Chinese junk that can damage the system.

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here

Re: requesting a check

Posted: 03 Nov 2018 17:47
by superjano
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-31.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-03-2018
# Duration: 00:00:03
# OS: Windows 10 Home
# Cleaned: 10
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\ProgramData\Host App Service
Deleted C:\Users\Vlado\AppData\Local\Host App Service

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKCU\Software\Host App Service
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2052 octets] - [03/11/2018 17:44:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: requesting a check

Posted: 03 Nov 2018 18:08
by Conder
:arrow: Please post both new FRST logs.

Re: requesting a check

Posted: 03 Nov 2018 19:25
by superjano
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Vlado (03-11-2018 11:57:07)
Running from C:\Users\Vlado\Desktop
Windows 10 Home Version 1809 17763.55 (X64) (2018-10-03 15:12:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3757017093-2623875683-488815004-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3757017093-2623875683-488815004-503 - Limited - Disabled)
Guest (S-1-5-21-3757017093-2623875683-488815004-501 - Limited - Disabled)
vladi (S-1-5-21-3757017093-2623875683-488815004-1002 - Limited - Disabled)
Vlado (S-1-5-21-3757017093-2623875683-488815004-1001 - Administrator - Enabled) => C:\Users\Vlado
WDAGUtilityAccount (S-1-5-21-3757017093-2623875683-488815004-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.9.389 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0609.0 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
IntelliJ IDEA Community Edition 2018.1.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 2018.1.4) (Version: 181.5087.20 - JetBrains s.r.o.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.5.0.7 - IObit)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.1 (64-bit) (HKLM\...\{398EFBE6-18DB-5E47-8E12-481F95602239}) (Version: 10.0.1.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo App Explorer (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo App Explorer (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\Host App Service) (Version: 0.272.1.560 - SweetLabs for Lenovo) <==== ATTENTION
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
Malwarebytes verzia 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 sk)) (Version: 52.9.1 - Mozilla)
Mp3 Knife 3.6 (HKLM-x32\...\Mp3 Knife_is1) (Version: - )
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Grafický ovládač 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.13.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.06.00.0000 - Panda Security)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.0.277 - Jan Fiala)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.08.14 - )
Skype verzia 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DA171DF3-18B3-446E-BCA6-C08069850FD2}) (Version: 2.36.0.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wampserver64 3.1.3 (HKLM\...\{wampserver64}_is1) (Version: 3.1.3 - Dominique Ottello aka Otomatic)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.83 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3757017093-2623875683-488815004-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04B56776-A43B-49AC-AAB1-2C68D566EA9C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ce736b5c-54c5-4461-b265-6b08edca0be3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
Task: {12071C65-54A4-4822-8683-D35EB1B2005B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {22A08B7B-27DE-4875-B1E3-587E89281CB9} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {24147196-F148-4414-BAA3-84F4086678C4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {26936037-4BBC-4AB6-ACFD-20F442529B8D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {2BA4990F-63BC-4098-BC11-7AA3366877BD} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {2BAECA55-3440-4F72-99AF-F9695C22999B} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [2017-02-17] (CyberLink Corp.)
Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
Task: {3992C315-B865-4E7B-A1CC-11D19321249E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {3CFBAD3E-48DD-48C9-B02F-B802A35B6E10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {4210AA6E-C6EB-49FA-AA8F-A826399FB842} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-26] (Oracle Corporation)
Task: {43541FE9-F60F-4B6B-A83B-62A287A0D29A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {45A5D1A0-4C0D-4F51-8948-924A5446C6A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {4D43CE86-7575-4649-A9BA-66648141D3FE} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {54F2C3FE-F04A-410A-95D0-65E1C7898736} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [2016-09-20] (CyberLink Corp.)
Task: {56EED081-2D86-4E41-983C-B91C57B3A2D7} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {59755BA5-9624-4640-BF46-556DC0606B7B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-05-16] (Lenovo Group Limited)
Task: {6558F66E-7601-4DEB-AC5B-5399FAB139E0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {66ED0933-0C60-4302-809A-40FA3BE7AC52} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {6826F647-5ACE-4F26-8727-E3ADB313CA67} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4de57690-e03e-4c85-9f0e-626756f17e12 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {7BBACDAD-FBB5-4829-ABCB-28983B4472B5} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {7D3282C1-94F6-42DC-9345-CF7ABE06F128} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {85E478DC-F5E8-4448-A105-404805B6D7CB} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2016-10-07] (CyberLink)
Task: {9E8582DB-3FE4-4001-85BA-7654A14AC5BF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3757017093-2623875683-488815004-1001 => C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2018-07-12] (Lenovo Group Limited)
Task: {A0E3D73F-0DBC-4EBF-817A-197D899120A1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {A4C36156-0A2A-44AB-9D12-E1EF2520F08B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {AA941A00-FF1A-4E45-83D4-8F64C5484B46} - System32\Tasks\Opera scheduled Autoupdate 1533206182 => C:\Users\Vlado\AppData\Local\Programs\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {AF062956-773D-41A0-B360-9BDBEAA847DD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {B5B6B739-E60E-467D-858F-C6C9F9648391} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\40776c15-62d1-4776-aeea-1e6e691a422f => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {B634BED0-642C-44EE-8A2A-3A01D716376C} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-RSV8O8AU-Vlado => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {C8694715-5994-42D0-9641-560A9C08FEC4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b77c764c-de5e-4b20-9c36-242f88e4d10a => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {D9D26A02-FA26-4ED9-ADBA-325E815CA401} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {DBB2DE08-B57B-4256-8209-9A7870A1F2D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {E1ECC927-DB3C-43E5-A6E0-8D0557700280} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E4A3CDB7-B2EA-45B8-8413-85BCA79CFFCA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
Task: {EBE6AFFF-819E-422C-93FE-141F8039D43A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F48A93C7-0AC1-477D-9CC9-05B6FF876EF4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-20 07:28 - 2018-04-20 07:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-05-24 16:50 - 2018-10-10 21:04 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-16 06:46 - 2018-10-16 06:46 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-28 09:44 - 2018-09-28 09:44 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 20:03 - 2018-07-31 20:03 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 004210688 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\Time.exe
2018-08-20 19:31 - 2018-08-20 19:31 - 004445248 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 000954368 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\TimeControls.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 000744960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2018-07-21 10:21 - 2017-05-22 10:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-07-21 10:21 - 2017-05-22 10:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-07-21 10:21 - 2017-05-22 10:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-12-15 18:17 - 2015-12-15 18:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2017-11-08 23:44 - 2017-11-08 23:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-24 16:50 - 2018-10-10 21:04 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2018-08-28 08:03 - 000000039 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140617\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333289\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140657\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333409\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-10312018073140677\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-3757017093-2623875683-488815004-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11032018115333431\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{4A657D30-48DD-49D4-941F-19AA835D963E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{431D9480-F941-43CD-84EE-16C238200098}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{AB251334-F56A-4EC2-B316-3A6B4FE7B4AB}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6A9EFC3C-245C-4B76-9444-B21427EA7489}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6D9B0408-F6D0-46D4-87DA-488CFC62BB1C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{E95A6C60-6B2D-44B8-B31C-3B78CFD6E555}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{1274C712-D20A-47DD-8E08-C1435A17D495}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1A835E84-F589-4E9A-B107-FB4E33EB873F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C65DAB93-79C7-4307-AA4F-8E6C5703FA96}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{00055E0F-2CD2-43C4-8BB3-DE02A528B10F}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [UDP Query User{7D2486D2-0C46-411A-AA00-EF269556A928}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [TCP Query User{19483868-FFF5-417A-86D2-B7A23502BB78}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [{9AAA8A40-20F4-4717-A916-2D50A3571184}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{8F35DBC0-E7AC-42B1-BB3E-5ABD67507232}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{EDF0FCA6-FFED-42A9-871E-8F4E38AAFB28}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [{DE496691-EA16-4EAD-AD06-0EAE5DCC9443}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [UDP Query User{6D1547C7-78DC-482A-BD6C-3A259F437E03}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [TCP Query User{172B2438-F0F2-4EF0-AB48-3F4D404BF57E}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [{C1ADB3BA-9C22-4BE4-9528-0812BF0A3607}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{253D4F21-4642-41AD-8128-72F102DD974A}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF2E295-3385-4A16-A621-F40DDFECC6F6}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{5CCF74F7-E30A-4062-8E72-B5D73E0AA021}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{A37C800D-AC21-408D-B0D2-DE6EDDD4B601}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{45DBD737-5612-4908-87FD-6D59DAEC0851}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{7EC6F359-80FA-4428-8EB7-245A7118D163}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{84D1DAC0-E98E-423C-976E-71151C95AEB0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{0EA1205B-33AF-43DB-9E9C-A16C89D4BE52}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{9A8B6EE1-36B9-4C7D-BCC0-4E9A5D9DC55D}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D911C9BE-6114-403A-BB12-17FA91ABB9C7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{589DF1BB-7CD4-46D8-A782-981AB9DBD926}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{260CFC6C-465C-42F7-AE93-AECB4E33BC96}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BDBABAE1-3855-4977-AD13-3C7993D1C3CB}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CF279844-9533-417C-8951-07598E6C3D46}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{077A0052-4375-42F0-AC4E-1A60A1FE9B23}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{487AD269-CDB0-4B75-8B9A-CD0C036AE209}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [TCP Query User{BEE98D3F-736C-4F81-AE02-D3C5E45C33EB}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [{60533DA9-E436-40F6-930C-302475A55D53}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1692B04D-1880-4AFF-BEC3-117D6EEA02D3}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{BA74158A-0143-43E7-B602-817FC40574F9}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [TCP Query User{E4A01E9E-A6FA-4C3B-B583-F04F08B1716E}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [{6EEFB2B4-7925-4C23-BE30-7731989F4E6C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{9CEE7E7F-11A0-43F8-B9A8-171CED6D1E1F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{99D4E3B3-31DE-4F3E-9346-3BD8A77AD058}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C02D76C9-91F7-4BF9-A8B4-9EB50ED1A863}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{148CDC88-105A-4D2C-8538-B96A0D03085F}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{30F60D78-12B7-4E49-A0C0-07A353109CCD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{D824CF6B-6CD6-4015-89D8-60C4531F62D8}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe
FirewallRules: [{DD22045F-B7A8-4AA3-AE67-7C1C18F7EC4E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe
FirewallRules: [{2320B517-FFD2-4A31-828B-8600CDAA0C30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{6C718409-E3DB-4FDA-BA3D-00D74BA36709}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{A2CB94DF-CFED-46FB-89D1-6F6BA3F91322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BCA79690-9548-4F58-86D2-FFC281F359D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DB8551C2-5186-4318-84F1-6EF4A997ABD7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [{D23853C9-CE97-4D5F-8855-9A4C88C80106}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [TCP Query User{91F907F7-6BD0-441D-BD21-EC2537B3CE45}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{18753799-EFE7-40A4-B3AA-FF5D7455FF96}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{F5E75EFB-03BA-4C34-B300-8CFB0A3F5C78}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{ABE4A2C4-61F3-4E94-9227-861DDA45AAC3}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{B19B70C1-CC9A-4E9B-A304-7B7FE270E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D3AE4F9-6A5A-46DC-9407-52D51A72488F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D9D4303F-86AB-4E3F-94D5-E298930190B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02A08203-96AB-4371-A717-5CCAEB100E50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4D87973-842F-4F92-81F8-33AAE66EB09D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{6B1093CF-83D0-40D6-8678-6B46AD0CA548}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{DDFF5692-9EFD-4E87-B3DE-2CD8E0CB8B3B}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [UDP Query User{1F72E36A-2D6A-426F-9D18-40403EBDCC01}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [{39EB1E2B-1E5C-4B00-A4DC-F267E3303F52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98E419C8-FC37-49C3-A35E-99297392CDD1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{68854484-676A-45D4-A3D7-9A6EB9F00C65}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

20-10-2018 17:36:15 Scheduled Checkpoint
29-10-2018 19:34:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/03/2018 11:54:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SecHealthUI.exe, verzia: 10.0.17763.1, časová značka: 0x5b9c582d
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.17763.1, časová značka: 0xa69151fc
Kód výnimky: 0xc000027b
Odstup chyby: 0x0000000000707c32
Identifikácia chybujúceho procesu: 0x185bc
Čas spustenia chybujúcej aplikácie: 0x01d473638a0efd01
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Cesta chybujúceho modulu: C:\Windows\System32\Windows.UI.Xaml.dll
Identifikácia hlásenia: 5d53f5f9-3f59-4c20-aeba-1e22dbd254b1
Celé meno chybujúceho balíka: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: SecHealthUI

Error: (11/03/2018 11:52:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x323c
Čas spustenia chybujúcej aplikácie: 0x01d473634e6e73de
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 48ff04f0-280c-4b14-bbc6-9aa1809a8c62
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 09:33:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1d5f8
Čas spustenia chybujúcej aplikácie: 0x01d472eb57755b48
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 219e19f2-248e-444a-9b1e-2e3e287521e0
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 07:33:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1c564
Čas spustenia chybujúcej aplikácie: 0x01d472da96c88d41
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 644bf4e0-423b-46eb-91ed-37a229edbe05
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 06:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SkypeApp.exe, verzia: 8.33.0.41, časová značka: 0x5bca1f01
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1dab8
Čas spustenia chybujúcej aplikácie: 0x01d472d145a3449b
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 09ca3e2b-e3a5-4f98-b62a-4a8f9774bf08
Celé meno chybujúceho balíka: Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 06:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x1c7fc
Čas spustenia chybujúcej aplikácie: 0x01d472d0f077d88c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: b1f50a51-568c-4665-a2dd-9d6aa5f9ebd8
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 06:24:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.Photos.exe, verzia: 2018.18081.14710.0, časová značka: 0x5b9d00b1
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x3758
Čas spustenia chybujúcej aplikácie: 0x01d472d0ef582582
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 84d9f515-b5c5-44fa-ac26-7e4bfff3f598
Celé meno chybujúceho balíka: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/02/2018 05:17:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0xab0
Čas spustenia chybujúcej aplikácie: 0x01d472c77c320fc2
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 69f892c6-ce18-43ae-b815-a649656d41b4
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App


System errors:
=============
Error: (11/03/2018 11:54:20 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 11:52:32 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 11:52:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 11:52:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 07:34:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 07:33:48 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 06:33:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/02/2018 06:32:06 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-10-06 15:30:34.243
Description:
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===================================

Date: 2018-10-29 17:59:56.654
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-29 17:59:56.591
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-29 17:59:56.548
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-10-29 17:59:56.509
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 45%
Total physical RAM: 8066.72 MB
Available physical RAM: 4391.58 MB
Total Virtual: 10498.72 MB
Available Virtual: 5608.71 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:112.6 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.3 GB) NTFS
Drive f: (ADATA SD700) (Fixed) (Total:476.81 GB) (Free:16.48 GB) NTFS

\\?\Volume{676dd2e4-2b86-4b52-b7a7-dc761b15a2ee}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{21294cef-89f6-4a88-8ffc-be5addb5d57b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3D0E3B36)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: C0C1D248)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Request for a check

Posted: 03 Nov 2018 21:24
by Conder
The main log, FRST.txt, is still missing.

Re: Request for a check

Posted: 04 Nov 2018 09:25
by superjano
I'm sending 2 new logs :)

Re: Request for a check

Posted: 04 Nov 2018 09:26
by superjano
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Vlado (administrator) on LAPTOP-RSV8O8AU (04-11-2018 09:22:34)
Running from C:\Users\Vlado\Desktop
Loaded Profiles: Vlado (Available Profiles: Vlado)
Platform: Windows 10 Home Version 1809 17763.55 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHDCPSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Electronic Arts) F:\origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\IntelCpHeciSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxEM.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Lenovo(beijing) Limited) C:\Program Files\Lenovo\LenovoUtility\utility.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Lenovo Group Limited) C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSB.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompPkgSrv.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\Common Files\AVG\Overseer\overseer.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20186.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [914344 2017-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [653728 2018-03-26] (Oracle Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [454072 2015-06-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153296 2018-05-30] (Panda Security, S.L.)
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [604128 2018-10-12] (ZONER software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{48fce1a9-e4b0-402e-8a6d-8e18fa3ad758}: [DhcpNameServer] 217.23.254.124 217.23.254.125
Tcpip\..\Interfaces\{d53ff755-1670-4c93-bd8b-633392b9539b}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-05-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-05-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-05-24] (Oracle Corporation)

Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-05-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-05-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-24] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default [2018-11-03]
CHR Extension: (Prezentácie) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-25]
CHR Extension: (Dokumenty) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-25]
CHR Extension: (Disk Google) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-09-07]
CHR Extension: (YouTube) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-25]
CHR Extension: (Adblock Plus) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-10-31]
CHR Extension: (Tabuľky) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-25]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (AdBlock) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-25]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-09-07]
CHR Extension: (Gmail) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-01]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-03]
CHR Profile: C:\Users\Vlado\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-03]
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2910696 2018-09-10] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [414696 2018-01-08] (Windows (R) Win 7 DDK provider)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-10] ()
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-09-15] (Microsoft Corporation)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [914944 2018-09-15] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-10-12] (EasyAntiCheat Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144600 2017-10-22] (ELAN Microelectronics Corp.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S3 iaStorAfsService; C:\WINDOWS\IAStorAfsService\iaStorAfsService.exe [2410672 2017-11-27] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71408 2018-05-16] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [742704 2017-10-11] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [668472 2017-10-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [213648 2017-11-08] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
S3 Origin Client Service; F:\origin\OriginClientService.exe [2216256 2018-09-13] (Electronic Arts)
R2 Origin Web Helper Service; F:\origin\OriginWebHelperService.exe [3087176 2018-09-13] (Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2018-05-30] (Panda Security, S.L.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324552 2018-03-29] (Realtek Semiconductor)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe [30720 2018-03-18] (Apache Software Foundation) [File not signed]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.2.14\bin\mysqld.exe [14550440 2018-03-26] ()
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe [39551488 2017-12-28] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (The OpenVPN Project)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
R3 BtFilter; C:\WINDOWS\System32\drivers\btfilter.sys [65448 2018-01-08] (Qualcomm)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-09] (CyberLink)
R3 clwvd7; C:\WINDOWS\system32\DRIVERS\clwvd7.sys [42968 2015-03-24] (CyberLink Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-10-29] (Malwarebytes)
R3 ETDHCF; C:\WINDOWS\System32\drivers\ETDHCF.sys [29256 2017-10-22] (ELAN Microelectronics Corp.)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [69632 2017-11-27] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198000 2018-10-29] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [119136 2018-11-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63768 2018-11-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2018-11-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [111152 2018-11-03] (Malwarebytes)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [108000 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211936 2017-11-06] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [121312 2017-11-06] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [126432 2017-11-06] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [118240 2017-11-06] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [91616 2017-11-06] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [135648 2017-11-06] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [336352 2017-11-06] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [249312 2017-11-06] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [123360 2017-11-06] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [281056 2017-11-06] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [125920 2017-11-06] (Panda Security, S.L.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_b0804a8322213783\nvlddmkm.sys [20605496 2018-10-03] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [191448 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [153992 2018-01-23] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207248 2018-01-30] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [146912 2017-10-17] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [159200 2017-10-17] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [129504 2017-10-17] (Panda Security, S.L.)
U3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-12-13] (Realtek )
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
R3 SNP2UVCW10; C:\WINDOWS\system32\DRIVERS\snUVCg2.sys [1710128 2017-11-05] (Sonix Tech. Co., Ltd.)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-03 17:45 - 2018-11-03 19:25 - 000111152 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-11-03 17:45 - 2018-11-03 17:45 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-11-03 17:45 - 2018-11-03 17:45 - 000119136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-11-03 17:45 - 2018-11-03 17:45 - 000063768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-11-03 17:43 - 2018-11-03 17:44 - 000000000 ____D C:\AdwCleaner
2018-11-03 17:43 - 2018-11-03 17:43 - 007592144 _____ (Malwarebytes) C:\Users\Vlado\Downloads\adwcleaner_7.2.4.0.exe
2018-11-03 17:42 - 2018-11-03 17:42 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-11-03 17:42 - 2018-11-03 17:42 - 000000000 ___HD C:\OneDriveTemp
2018-11-03 11:56 - 2018-11-04 09:22 - 000026482 _____ C:\Users\Vlado\Desktop\FRST.txt
2018-11-03 11:56 - 2018-11-04 09:22 - 000000000 ____D C:\FRST
2018-11-03 11:55 - 2018-11-03 11:55 - 002414592 _____ (Farbar) C:\Users\Vlado\Desktop\FRST64.exe
2018-11-02 18:30 - 2018-11-02 18:30 - 062774584 _____ (Skype Technologies S.A.) C:\Users\Vlado\Downloads\Skype-8.33.0.50.exe
2018-11-02 18:30 - 2018-11-02 18:30 - 000001386 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-02 18:30 - 2018-11-02 18:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-10-30 18:14 - 2018-10-30 18:15 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Game
2018-10-30 18:14 - 2018-10-30 18:14 - 000000000 ____D C:\Users\Public\Documents\Steam
2018-10-30 18:11 - 2018-10-30 18:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crash Bandicoot N Sane Trilogy
2018-10-30 12:28 - 2018-10-30 12:28 - 000241060 _____ C:\Users\Vlado\Downloads\absolutne-poradie-hhbd-2018.pdf
2018-10-29 17:42 - 2018-10-29 17:42 - 000002038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000002032 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-10-29 17:42 - 2018-10-29 17:42 - 000000000 ____D C:\Program Files\Zoner
2018-10-29 17:12 - 2018-10-29 17:27 - 167571348 _____ C:\Users\Vlado\Downloads\Zoner Photo Studio X 19.1809.2.83.rar
2018-10-29 17:09 - 2018-10-29 17:09 - 000198000 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-26 16:55 - 2018-10-26 16:56 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:56 - 000002288 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2018-10-26 16:55 - 2018-10-26 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2018-10-26 16:55 - 2018-01-30 14:19 - 000207248 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINKNC.sys
2018-10-26 16:55 - 2017-11-08 23:43 - 000191448 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINAflt.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000281056 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsstrm.sys
2018-10-26 16:55 - 2017-11-06 07:07 - 000125920 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnstlsc.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000336352 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsprot.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000135648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspop3.sys
2018-10-26 16:55 - 2017-11-06 07:06 - 000123360 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnssmtp.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000118240 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspicc.sys
2018-10-26 16:55 - 2017-11-06 07:02 - 000091616 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnspihsw.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000211936 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttp.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000126432 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsids.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000121312 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnshttps.sys
2018-10-26 16:55 - 2017-11-06 07:01 - 000108000 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\nnsalpc.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000159200 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINProt.sys
2018-10-26 16:55 - 2017-10-17 02:31 - 000129504 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSINReg.sys
2018-10-26 16:55 - 2017-05-22 06:01 - 000072648 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2018-10-25 20:11 - 2018-10-29 17:59 - 000000000 ____D C:\Program Files\Common Files\AV
2018-10-25 20:10 - 2018-10-26 16:53 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-10-23 17:12 - 2018-10-29 17:08 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-10-23 17:12 - 2018-10-23 17:12 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbamtray
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Users\Vlado\AppData\Local\mbam
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-10-23 17:12 - 2018-10-23 17:12 - 000000000 ____D C:\Program Files\Malwarebytes
2018-10-23 17:11 - 2018-10-23 17:11 - 080022264 _____ (Malwarebytes ) C:\Users\Vlado\Downloads\mb3-setup-35891.35891-3.6.1.2711-1.0.463-1.0.6913.exe
2018-10-21 14:10 - 2018-10-21 14:10 - 000000000 ____D C:\Users\Vlado\AppData\Local\PAYDAY
2018-10-21 11:50 - 2018-10-23 17:33 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Twitch
2018-10-21 11:50 - 2018-10-21 11:50 - 000000979 _____ C:\Users\Vlado\Desktop\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000965 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Twitch.lnk
2018-10-21 11:50 - 2018-10-21 11:50 - 000000000 ____D C:\ProgramData\Twitch
2018-10-21 11:49 - 2018-10-21 11:49 - 087447456 _____ C:\Users\Vlado\Downloads\TwitchSetup_[usher-268306925].exe
2018-10-18 15:29 - 2018-10-18 15:29 - 000000000 ____D C:\WINDOWS\Panther
2018-10-18 14:56 - 2018-10-18 14:56 - 000654652 _____ C:\Users\Vlado\Downloads\Cennk_W177_2018_07_27_akt.pdf
2018-10-12 18:29 - 2018-10-12 18:29 - 000000000 _____ C:\Users\Public\Shared Files
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\EasyAntiCheat
2018-10-12 18:22 - 2018-10-12 18:22 - 000000000 ____D C:\Users\Vlado\AppData\Local\FortniteGame
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngineLauncher
2018-10-12 18:00 - 2018-10-12 18:00 - 000000000 ____D C:\Users\Vlado\AppData\Local\EpicGamesLauncher
2018-10-12 17:59 - 2018-10-12 18:00 - 000000000 ____D C:\ProgramData\Epic
2018-10-12 17:59 - 2018-10-12 17:59 - 033542144 _____ C:\Users\Vlado\Downloads\EpicInstaller-7.16.0-fortnite-d0fd3d3521c2463284ba9773051cf181.msi
2018-10-09 18:13 - 2018-10-09 18:13 - 026805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 020809216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 011744256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009951744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 009696768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 007861248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006543224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 006062592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005584056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 004588032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 003981312 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 003556864 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003380736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 003378176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002927096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002721280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002625552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002435488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001672072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001466992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 001360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 001050640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-09 18:13 - 2018-10-09 18:13 - 000918496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000582248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-09 18:13 - 2018-10-09 18:13 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000402376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-09 18:13 - 2018-10-09 18:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-08 17:18 - 2018-10-08 17:18 - 000000000 ____D C:\ProgramData\Hotspot Shield
2018-10-07 15:52 - 2018-10-07 15:52 - 000000000 ____D C:\Program Files (x86)\Origin Games
2018-10-07 15:49 - 2018-10-03 04:31 - 035296480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 029972128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 015907904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 013202672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 001167560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 04:31 - 000914552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000978312 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000845192 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-10-07 15:49 - 2018-10-03 01:35 - 000243592 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-10-07 15:49 - 2018-10-03 01:32 - 001998200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001507944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001455176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 001122376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000631368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-10-07 15:49 - 2018-10-03 01:32 - 000521904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 019704344 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 016983304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-10-07 15:48 - 2018-10-03 04:30 - 004249912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 002018352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:32 - 001468360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441616.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 040253672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 035151592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004938800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-10-07 15:48 - 2018-10-03 01:31 - 004310984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-10-06 14:28 - 2018-10-06 14:28 - 002146496 _____ (Panda Security, S.L.) C:\Users\Vlado\Downloads\PANDAFREEAV.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-04 09:22 - 2018-10-03 16:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-04 09:22 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-04 09:22 - 2018-06-09 19:06 - 000000000 ____D C:\Users\Vlado\AppData\Local\CrashDumps
2018-11-03 17:50 - 2018-10-03 16:38 - 000840848 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-03 17:50 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-11-03 17:46 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA
2018-11-03 17:45 - 2018-07-11 19:05 - 000000000 ____D C:\Users\Vlado\Documents\YouCam
2018-11-03 17:45 - 2018-05-25 07:10 - 000000000 ___RD C:\Users\Vlado\OneDrive
2018-11-03 17:44 - 2018-10-03 16:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-03 17:44 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-03 17:44 - 2018-05-25 07:08 - 000000000 __SHD C:\Users\Vlado\IntelGraphicsProfiles
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\IObit
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Program Files (x86)\IObit
2018-11-03 11:59 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-03 11:59 - 2018-06-03 19:03 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\uTorrent
2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-03 11:55 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-02 18:30 - 2018-05-24 18:46 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Skype
2018-11-02 17:26 - 2018-05-25 16:14 - 000000000 ____D C:\Users\Vlado\AppData\LocalLow\Mozilla
2018-10-31 15:37 - 2018-05-25 07:28 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-31 15:37 - 2018-05-25 07:28 - 000002279 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-30 20:41 - 2018-07-21 10:22 - 000000000 ____D C:\ProgramData\ProductData
2018-10-30 18:19 - 2018-05-25 13:32 - 000000000 ____D C:\Users\Vlado\Desktop\hry
2018-10-29 17:59 - 2018-10-03 16:07 - 000595704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Zoner
2018-10-29 17:43 - 2018-09-21 11:57 - 000000000 ____D C:\Users\Vlado\AppData\Local\Zoner
2018-10-29 17:07 - 2018-06-08 18:41 - 000000000 ____D C:\Users\Vlado\Documents\FLiNGTrainer
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Panda Security
2018-10-26 16:55 - 2018-05-25 07:32 - 000000000 ____D C:\Program Files (x86)\Panda Security
2018-10-26 16:55 - 2018-05-25 07:30 - 000000000 ____D C:\ProgramData\Panda Security
2018-10-26 16:53 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-26 16:07 - 2018-09-15 07:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-10-26 14:34 - 2018-07-12 18:26 - 000000000 ____D C:\Users\Vlado\Desktop\praca
2018-10-25 20:09 - 2018-08-22 13:41 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-10-25 19:57 - 2018-05-24 21:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-22 14:33 - 2018-05-25 14:23 - 000000000 ____D C:\Users\Vlado\AppData\Local\PlaceholderTileLogoFolder
2018-10-22 14:33 - 2018-05-25 07:08 - 000000000 ____D C:\Users\Vlado\AppData\Local\Packages
2018-10-21 14:10 - 2018-05-25 10:37 - 000000000 ____D C:\Users\Vlado\AppData\Local\D3DSCache
2018-10-21 13:34 - 2018-05-25 12:02 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-10-19 14:29 - 2018-06-05 14:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA
2018-10-18 14:50 - 2018-10-03 16:12 - 000004218 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1533206182
2018-10-18 14:50 - 2018-08-02 11:36 - 000001377 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-10-17 16:41 - 2018-10-03 16:12 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-10-03 16:12 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-17 16:41 - 2018-06-07 16:01 - 000001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:19 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-10-17 16:41 - 2017-09-01 10:18 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-10-16 14:09 - 2018-10-03 16:12 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3757017093-2623875683-488815004-1001
2018-10-16 14:09 - 2018-10-03 16:08 - 000002374 _____ C:\Users\Vlado\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-16 06:46 - 2018-07-11 06:52 - 000000000 ____D C:\ProgramData\Packages
2018-10-14 12:11 - 2018-08-11 16:33 - 000000000 ____D C:\Users\Vlado\AppData\Local\ElevatedDiagnostics
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 __SHD C:\Users\Public\Libraries
2018-10-12 18:29 - 2018-09-15 08:33 - 000000000 ____D C:\PerfLogs
2018-10-12 18:22 - 2018-06-24 13:28 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-10-12 18:00 - 2018-06-24 13:29 - 000000000 ____D C:\Users\Vlado\AppData\Local\UnrealEngine
2018-10-12 18:00 - 2017-09-01 09:52 - 000000000 ____D C:\ProgramData\Package Cache
2018-10-10 21:04 - 2018-05-24 16:50 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 002248232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-10-10 21:04 - 2018-05-24 16:50 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-10-10 19:22 - 2018-05-24 16:49 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-10-10 17:55 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-10 16:32 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2018-10-09 18:15 - 2018-05-24 20:33 - 000000000 ___RD C:\Users\Vlado\3D Objects
2018-10-09 18:15 - 2017-03-23 18:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 17:25 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-10-09 18:13 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-09 18:12 - 2018-05-24 19:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-09 18:11 - 2018-05-24 19:21 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-07 15:53 - 2018-06-09 18:52 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\Origin
2018-10-07 15:52 - 2018-05-24 18:21 - 000000000 ____D C:\ProgramData\Origin
2018-10-07 15:43 - 2018-05-24 17:25 - 000000000 ____D C:\Users\Vlado\AppData\Local\NVIDIA Corporation
2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
2018-10-06 10:54 - 2018-10-03 16:13 - 000000000 ____D C:\Users\Vlado\AppData\Local\PackageStaging

==================== Files in the root of some directories =======

2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: please check

Posted: 04 Nov 2018 09:27
by superjano
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Vlado (04-11-2018 09:23:09)
Running from C:\Users\Vlado\Desktop
Windows 10 Home Version 1809 17763.55 (X64) (2018-10-03 15:12:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3757017093-2623875683-488815004-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3757017093-2623875683-488815004-503 - Limited - Disabled)
Guest (S-1-5-21-3757017093-2623875683-488815004-501 - Limited - Disabled)
vladi (S-1-5-21-3757017093-2623875683-488815004-1002 - Limited - Disabled)
Vlado (S-1-5-21-3757017093-2623875683-488815004-1001 - Administrator - Enabled) => C:\Users\Vlado
WDAGUtilityAccount (S-1-5-21-3757017093-2623875683-488815004-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Dome (Enabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Enabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2018 (HKLM\...\{7DC3F900-68E5-40F1-869D-9D20A69D8A1D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_0_0) (Version: 12.0.0 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Corel Update Manager (HKLM\...\{7A731C52-8DC6-47AB-B2BC-3FE70F6C6968}) (Version: 2.9.389 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2018 - Capture (x64) (HKLM\...\{57B35A9E-2E5C-4CE4-AE54-61B02500ED6C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Common (x64) (HKLM\...\{C9E9E21E-E375-4BAF-B647-22ABA6ABBACF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Connect (x64) (HKLM\...\{BCAF055A-51F2-4266-BC27-E67AFE02B1CE}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Custom Data (x64) (HKLM\...\{098FFEC8-98D9-4DE0-BC3F-B5A94547FF73}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Draw (x64) (HKLM\...\{121B4D48-BDC1-4037-B150-28037FA47510}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - EN (x64) (HKLM\...\{FBA611A2-4060-4FF5-8A32-3A710A347EDA}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Filters (x64) (HKLM\...\{9433E8C4-DD2E-40BE-A1AF-0832DFE89C92}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Font Manager (x64) (HKLM\...\{EFD5BDD5-CEF1-4209-ABF1-2387D0756D14}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM (x64) (HKLM\...\{A4DEA23F-2371-483E-93C1-1764CA80DDEF}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - IPM Content (HKLM-x32\...\{A6AF1536-0A19-42C7-8009-06AAE797FAFC}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - PHOTO-PAINT (x64) (HKLM\...\{CA42C3C9-6A8C-423E-885E-064B06DAD20E}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Redist (x64) (HKLM\...\{E442BB6A-268E-4864-9780-C0A4789DA64F}) (Version: 20.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Setup Files (x64) (HKLM\...\{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - VBA (x64) (HKLM\...\{8FE99871-8AF0-449F-A1C4-F18EE971DC84}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Workspaces (x64) (HKLM\...\{94B3EE65-9BD2-4C39-9E43-E1403F6A82F4}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 - Writing Tools (x64) (HKLM\...\{F5CC82A3-6FF2-4D76-AC4F-3A7C63E3487C}) (Version: 20.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2018 (64-Bit) (HKLM\...\_{CBBC5C20-F3ED-4425-9393-F77D50036592}) (Version: 20.1.0.708 - Corel Corporation)
CorelDRAW Graphics Suite 2018 (HKLM\...\{5F18CC22-B399-48EC-BB9D-E92510E218EF}) (Version: 20.1 - Corel Corporation) Hidden
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
Crash Bandicoot N Sane Trilogy (HKLM-x32\...\Crash Bandicoot N Sane Trilogy_is1) (Version: - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.7007 - CyberLink Corp.)
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.7417 - CyberLink Corp.)
CyberLink YouCam 7 (HKLM-x32\...\{0078CD4D-B146-4D77-8CF0-268B36C1A3EC}) (Version: 7.0.0609.0 - CyberLink Corp.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 416.16 - NVIDIA Corporation) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{F994125B-7BF5-4A38-A569-82833CEB24DC}) (Version: 0.8.4.83 - Dolby Laboratories, Inc.)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version: - id Software)
Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Far Cry 5 (HKLM-x32\...\{73B938C4-0DDA-448D-8E46-87401EA87339}_is1) (Version: - Ubisoft)
FIFA18 version 1.0 (HKLM\...\FIFA18_is1) (Version: 1.0 - STEAMPUNKS) <==== ATTENTION
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - )
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden
IntelliJ IDEA Community Edition 2018.1.4 (HKLM-x32\...\IntelliJ IDEA Community Edition 2018.1.4) (Version: 181.5087.20 - JetBrains s.r.o.)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java(TM) SE Development Kit 10.0.1 (64-bit) (HKLM\...\{398EFBE6-18DB-5E47-8E12-481F95602239}) (Version: 10.0.1.0 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.4 - Lenovo)
Lenovo Utility (HKLM\...\{12ABAC82-7D83-4CB8-9DD2-434DC9AF2942}_is1) (Version: 3.0.0.20 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
Malwarebytes verzia 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.9.1.6764 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 sk)) (Version: 52.9.1 - Mozilla)
Mp3 Knife 3.6 (HKLM-x32\...\Mp3 Knife_is1) (Version: - )
Need for Speed™ Payback (HKLM-x32\...\{F4CF3D08-565C-40B7-B351-D3033DE2172B}) (Version: 1.0.51.15364 - Electronic Arts)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.186 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.186 - NVIDIA Corporation)
NVIDIA Grafický ovládač 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 416.16 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 56.0.3051.52 (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\Opera 56.0.3051.52) (Version: 56.0.3051.52 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 10.5.27.11381 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 416.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 416.16 - NVIDIA Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{3F9548B2-0B34-4453-A92E-35056B053F19}) (Version: 1.08.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.08 - Panda Security) Hidden
Panda Dome (HKLM\...\{DC22166B-6F26-4E2E-BFDE-CC3578246940}) (Version: 9.13.00 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.06.00.0000 - Panda Security)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 5.0.0.277 - Jan Fiala)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.08.14 - )
Skype verzia 8.33 (HKLM-x32\...\Skype_is1) (Version: 8.33 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Twitch (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DA171DF3-18B3-446E-BCA6-C08069850FD2}) (Version: 2.36.0.0 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wampserver64 3.1.3 (HKLM\...\{wampserver64}_is1) (Version: 3.1.3 - Dominique Ottello aka Otomatic)
WhatsApp (HKU\S-1-5-21-3757017093-2623875683-488815004-1001\...\WhatsApp) (Version: 0.3.557 - WhatsApp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.83 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3757017093-2623875683-488815004-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2016-10-07] (Cyberlink)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1a33d2f73651d989\igfxDTCM.dll [2018-05-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-10-02] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-05-30] (Panda Security, S.L.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
Task: {1027A0C0-6249-488F-B5B7-C7AB90A8812B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0db23bb4-3d2e-44d7-b598-7b659495698e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {12071C65-54A4-4822-8683-D35EB1B2005B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {22A08B7B-27DE-4875-B1E3-587E89281CB9} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {24147196-F148-4414-BAA3-84F4086678C4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {26936037-4BBC-4AB6-ACFD-20F442529B8D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-10] (Piriform Ltd)
Task: {2BA4990F-63BC-4098-BC11-7AA3366877BD} - System32\Tasks\RtHDVBg_LENOVO_DOLBYDRAGON => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {2BAECA55-3440-4F72-99AF-F9695C22999B} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [2017-02-17] (CyberLink Corp.)
Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
Task: {3992C315-B865-4E7B-A1CC-11D19321249E} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {3CFBAD3E-48DD-48C9-B02F-B802A35B6E10} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-10] (Piriform Ltd)
Task: {4210AA6E-C6EB-49FA-AA8F-A826399FB842} - System32\Tasks\JavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-26] (Oracle Corporation)
Task: {43541FE9-F60F-4B6B-A83B-62A287A0D29A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-10-10] (NVIDIA Corporation)
Task: {45A5D1A0-4C0D-4F51-8948-924A5446C6A4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {54F2C3FE-F04A-410A-95D0-65E1C7898736} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\Lenovo\Power2Go\CLVDLauncher.exe [2016-09-20] (CyberLink Corp.)
Task: {56EED081-2D86-4E41-983C-B91C57B3A2D7} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {59755BA5-9624-4640-BF46-556DC0606B7B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-05-16] (Lenovo Group Limited)
Task: {6558F66E-7601-4DEB-AC5B-5399FAB139E0} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-10-10] (NVIDIA Corporation)
Task: {66ED0933-0C60-4302-809A-40FA3BE7AC52} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {7BBACDAD-FBB5-4829-ABCB-28983B4472B5} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation)
Task: {7D3282C1-94F6-42DC-9345-CF7ABE06F128} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {85E478DC-F5E8-4448-A105-404805B6D7CB} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2016-10-07] (CyberLink)
Task: {9E8582DB-3FE4-4001-85BA-7654A14AC5BF} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3757017093-2623875683-488815004-1001 => C:\Users\Vlado\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2018-07-12] (Lenovo Group Limited)
Task: {A0E3D73F-0DBC-4EBF-817A-197D899120A1} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-10-10] (NVIDIA Corporation)
Task: {A4C36156-0A2A-44AB-9D12-E1EF2520F08B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-10-10] (NVIDIA Corporation)
Task: {AA941A00-FF1A-4E45-83D4-8F64C5484B46} - System32\Tasks\Opera scheduled Autoupdate 1533206182 => C:\Users\Vlado\AppData\Local\Programs\Opera\launcher.exe [2018-10-17] (Opera Software)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {AF062956-773D-41A0-B360-9BDBEAA847DD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-29] (Realtek Semiconductor)
Task: {B2F71228-4D26-46B7-A9F9-E8EF9A0F7902} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\981cad70-55aa-4a75-90a5-d366c11f497b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {B634BED0-642C-44EE-8A2A-3A01D716376C} - System32\Tasks\AdobeGCInvoker-1.0-LAPTOP-RSV8O8AU-Vlado => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {BD21C377-5B30-4E5A-B6F2-37D2086885E5} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {BD3A9133-3583-4419-BFC7-7FC6B3385588} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\63297ddb-40ab-483d-a961-b097985b17f1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {CFD971BD-2FD9-4FD7-9B91-6E33155BD959} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9a0cec26-4570-49b6-ad8e-70f31e4d0c79 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-05-16] (Lenovo Group Limited)
Task: {D9D26A02-FA26-4ED9-ADBA-325E815CA401} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-10-10] (NVIDIA Corporation)
Task: {DBB2DE08-B57B-4256-8209-9A7870A1F2D0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-25] (Google Inc.)
Task: {E1ECC927-DB3C-43E5-A6E0-8D0557700280} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E4A3CDB7-B2EA-45B8-8413-85BCA79CFFCA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-10-10] (NVIDIA Corporation)
Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
Task: {EBE6AFFF-819E-422C-93FE-141F8039D43A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {F48A93C7-0AC1-477D-9CC9-05B6FF876EF4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation)
Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-20 07:28 - 2018-04-20 07:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-05-24 16:50 - 2018-10-10 21:04 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-10-23 17:12 - 2018-10-29 17:08 - 002821952 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-10-06 08:58 - 2018-10-06 08:58 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-07-31 20:03 - 2018-07-31 20:03 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 001689088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-10-16 06:46 - 2018-10-16 06:46 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-28 09:44 - 2018-09-28 09:44 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-03 11:55 - 2018-11-03 11:55 - 000744960 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_10.1809.2731.0_x64__8wekyb3d8bbwe\TimeBackground.dll
2018-10-06 08:58 - 2018-10-06 08:58 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2015-12-15 18:17 - 2015-12-15 18:17 - 000618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2018-05-24 16:50 - 2018-10-10 21:04 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-20 01:42 - 2017-09-20 01:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 17:11 - 2017-09-06 17:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 02:04 - 2017-09-20 02:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 17:11 - 2017-09-06 17:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-11-08 23:44 - 2017-11-08 23:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-01 10:01 - 2016-09-21 02:18 - 000763160 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2016-09-21 17:18 - 2016-09-21 17:18 - 000027416 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2018-08-28 08:03 - 000000039 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 217.23.254.124 - 217.23.254.125
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{4A657D30-48DD-49D4-941F-19AA835D963E}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{431D9480-F941-43CD-84EE-16C238200098}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{AB251334-F56A-4EC2-B316-3A6B4FE7B4AB}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6A9EFC3C-245C-4B76-9444-B21427EA7489}] => (Allow) F:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6D9B0408-F6D0-46D4-87DA-488CFC62BB1C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{E95A6C60-6B2D-44B8-B31C-3B78CFD6E555}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Kane & Lynch 2 - Dog Days\kl2.exe
FirewallRules: [{1274C712-D20A-47DD-8E08-C1435A17D495}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1A835E84-F589-4E9A-B107-FB4E33EB873F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C65DAB93-79C7-4307-AA4F-8E6C5703FA96}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{00055E0F-2CD2-43C4-8BB3-DE02A528B10F}] => (Allow) F:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [UDP Query User{7D2486D2-0C46-411A-AA00-EF269556A928}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [TCP Query User{19483868-FFF5-417A-86D2-B7A23502BB78}C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe] => (Allow) C:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
FirewallRules: [{EDF0FCA6-FFED-42A9-871E-8F4E38AAFB28}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [{DE496691-EA16-4EAD-AD06-0EAE5DCC9443}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\quakechampions\client\bin\pc\QuakeChampions.exe
FirewallRules: [UDP Query User{6D1547C7-78DC-482A-BD6C-3A259F437E03}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [TCP Query User{172B2438-F0F2-4EF0-AB48-3F4D404BF57E}F:\games\fifa18\fifa18.exe] => (Block) F:\games\fifa18\fifa18.exe
FirewallRules: [{C1ADB3BA-9C22-4BE4-9528-0812BF0A3607}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{253D4F21-4642-41AD-8128-72F102DD974A}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8DF2E295-3385-4A16-A621-F40DDFECC6F6}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{5CCF74F7-E30A-4062-8E72-B5D73E0AA021}] => (Allow) F:\games\NFS\NeedForSpeedPayback.exe
FirewallRules: [{A37C800D-AC21-408D-B0D2-DE6EDDD4B601}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{45DBD737-5612-4908-87FD-6D59DAEC0851}] => (Allow) F:\games\NFS\NeedForSpeedPaybackTrial.exe
FirewallRules: [{7EC6F359-80FA-4428-8EB7-245A7118D163}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{84D1DAC0-E98E-423C-976E-71151C95AEB0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [UDP Query User{0EA1205B-33AF-43DB-9E9C-A16C89D4BE52}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{9A8B6EE1-36B9-4C7D-BCC0-4E9A5D9DC55D}F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{D911C9BE-6114-403A-BB12-17FA91ABB9C7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{589DF1BB-7CD4-46D8-A782-981AB9DBD926}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{CF279844-9533-417C-8951-07598E6C3D46}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{077A0052-4375-42F0-AC4E-1A60A1FE9B23}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{487AD269-CDB0-4B75-8B9A-CD0C036AE209}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [TCP Query User{BEE98D3F-736C-4F81-AE02-D3C5E45C33EB}F:\games\doom\doomx64.exe] => (Block) F:\games\doom\doomx64.exe
FirewallRules: [{60533DA9-E436-40F6-930C-302475A55D53}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1692B04D-1880-4AFF-BEC3-117D6EEA02D3}] => (Allow) C:\Users\Vlado\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{BA74158A-0143-43E7-B602-817FC40574F9}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [TCP Query User{E4A01E9E-A6FA-4C3B-B583-F04F08B1716E}C:\program files (x86)\rayman origins\rayman origins.exe] => (Block) C:\program files (x86)\rayman origins\rayman origins.exe
FirewallRules: [UDP Query User{148CDC88-105A-4D2C-8538-B96A0D03085F}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [TCP Query User{30F60D78-12B7-4E49-A0C0-07A353109CCD}C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_171\bin\javaw.exe
FirewallRules: [{D824CF6B-6CD6-4015-89D8-60C4531F62D8}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelPP.exe
FirewallRules: [{DD22045F-B7A8-4AA3-AE67-7C1C18F7EC4E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2018\Programs64\CorelDrw.exe
FirewallRules: [{2320B517-FFD2-4A31-828B-8600CDAA0C30}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{6C718409-E3DB-4FDA-BA3D-00D74BA36709}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{A2CB94DF-CFED-46FB-89D1-6F6BA3F91322}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BCA79690-9548-4F58-86D2-FFC281F359D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DB8551C2-5186-4318-84F1-6EF4A997ABD7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [{D23853C9-CE97-4D5F-8855-9A4C88C80106}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe
FirewallRules: [TCP Query User{91F907F7-6BD0-441D-BD21-EC2537B3CE45}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{18753799-EFE7-40A4-B3AA-FF5D7455FF96}F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) F:\games\epic games\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{F5E75EFB-03BA-4C34-B300-8CFB0A3F5C78}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{ABE4A2C4-61F3-4E94-9227-861DDA45AAC3}F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) F:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{B19B70C1-CC9A-4E9B-A304-7B7FE270E460}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{2D3AE4F9-6A5A-46DC-9407-52D51A72488F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D9D4303F-86AB-4E3F-94D5-E298930190B2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02A08203-96AB-4371-A717-5CCAEB100E50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4D87973-842F-4F92-81F8-33AAE66EB09D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [{6B1093CF-83D0-40D6-8678-6B46AD0CA548}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe
FirewallRules: [TCP Query User{DDFF5692-9EFD-4E87-B3DE-2CD8E0CB8B3B}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [UDP Query User{1F72E36A-2D6A-426F-9D18-40403EBDCC01}F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Block) F:\games\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe
FirewallRules: [{39EB1E2B-1E5C-4B00-A4DC-F267E3303F52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{98E419C8-FC37-49C3-A35E-99297392CDD1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{68854484-676A-45D4-A3D7-9A6EB9F00C65}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

20-10-2018 17:36:15 Scheduled Checkpoint
29-10-2018 19:34:39 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/04/2018 09:22:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0xfa8
Čas spustenia chybujúcej aplikácie: 0x01d4741780d6724e
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 69a4748f-e8e8-48e0-8048-64f10139cf41
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 07:23:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x2ae4
Čas spustenia chybujúcej aplikácie: 0x01d473a263614a45
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 616f4b33-c125-4b81-9723-dd427f7ada5e
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:52:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Microsoft.Photos.exe, verzia: 2018.18081.14710.0, časová značka: 0x5b9d00b1
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x224c
Čas spustenia chybujúcej aplikácie: 0x01d473959f5e3aed
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: f8dc6afa-d569-4b5f-ac5d-81f0617adb70
Celé meno chybujúceho balíka: Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:48:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Lenovo.Discovery.exe, verzia: 4.15.58.0, časová značka: 0x5baa06c7
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0x30bd5043
Kód výnimky: 0x00000004
Odstup chyby: 0x0011aaf2
Identifikácia chybujúceho procesu: 0x3780
Čas spustenia chybujúcej aplikácie: 0x01d4739503e85c19
Cesta chybujúcej aplikácie: C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.15.58.0_x86__k1h2ywk1493x8\Lenovo.Discovery.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 71138a22-48f7-483e-8e41-1ee9127e876e
Celé meno chybujúceho balíka: E046963F.LenovoCompanion_4.15.58.0_x86__k1h2ywk1493x8
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:46:11 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (11/03/2018 05:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x2a88
Čas spustenia chybujúcej aplikácie: 0x01d473949456211c
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: cf68c18d-2c3f-4d32-90da-a8ecf92b96b6
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:45:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: backgroundTaskHost.exe, verzia: 10.0.17763.1, časová značka: 0x6fe3727f
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17763.1, časová značka: 0xc3164c39
Kód výnimky: 0x00000004
Odstup chyby: 0x0000000000055299
Identifikácia chybujúceho procesu: 0x25ac
Čas spustenia chybujúcej aplikácie: 0x01d47394916888ab
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: cf9c90a7-9ca0-4894-857b-08851d3ae21d
Celé meno chybujúceho balíka: Microsoft.YourPhone_1.0.12964.0_x64__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (11/03/2018 05:43:37 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.


System errors:
=============
Error: (11/03/2018 07:29:24 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 07:25:52 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 07:24:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:51:25 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:51:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:49:03 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:48:45 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/03/2018 05:45:20 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-RSV8O8AU)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-RSV8O8AU\Vlado SID (S-1-5-21-3757017093-2623875683-488815004-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2018-10-06 15:30:34.243
Description:
Windows Defender Antivirus has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80070003
Error description: The system cannot find the path specified.
Signature version: 0.0.0.0;0.0.0.0
Engine version: 0.0.0.0

CodeIntegrity:
===================================

Date: 2018-11-03 17:44:58.348
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:44:58.315
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:44:58.277
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:44:58.251
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.172
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.147
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.114
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-03 17:42:25.089
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 42%
Total physical RAM: 8066.72 MB
Available physical RAM: 4641.46 MB
Total Virtual: 10370.72 MB
Available Virtual: 6042.98 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.23 GB) (Free:114.6 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:15.3 GB) NTFS
Drive f: (ADATA SD700) (Fixed) (Total:476.81 GB) (Free:16.49 GB) NTFS

\\?\Volume{676dd2e4-2b86-4b52-b7a7-dc761b15a2ee}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.5 GB) NTFS
\\?\Volume{21294cef-89f6-4a88-8ffc-be5addb5d57b}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3D0E3B36)

Partition: GPT.

========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: C0C1D248)

Partition: GPT.

==================== End of Addition.txt ============================

Re: request for a check

Posted: 04 Nov 2018 15:49
by Conder
:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Code:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
    File: c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
    File: c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FIFA18_is1
    
    HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
    HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
    BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
    CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
    CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
    CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
    S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
    2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\IObit
    2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Program Files (x86)\IObit
    2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
    2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
    2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
    Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
    Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
    Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
    Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath
    AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
    AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
    AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]
    HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
    C:\Program Files\Common Files\AVG
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\Vlado\AppData\Roaming\IObit
    C:\Users\Vlado\AppData\LocalLow\IObit
    C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here

Re: request for a check

Posted: 04 Nov 2018 16:15
by superjano
Fix result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Vlado (04-11-2018 16:12:04) Run:1
Running from C:\Users\Vlado\Desktop
Loaded Profiles: Vlado (Available Profiles: Vlado)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File: c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
File: c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FIFA18_is1

HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
S4 IUFileFilter; \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [X]
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Users\Vlado\AppData\Roaming\IObit
2018-11-03 17:41 - 2018-07-21 10:21 - 000000000 ____D C:\Program Files (x86)\IObit
2018-10-06 14:31 - 2018-08-22 13:50 - 000000000 ____D C:\Users\Vlado\AppData\Local\Avg
2018-10-06 14:31 - 2018-08-22 13:49 - 000000000 ____D C:\ProgramData\AVG
2018-10-02 14:26 - 2018-10-02 14:26 - 000000000 _____ () C:\Users\Vlado\AppData\Local\oobelibMkey.log
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE} - no filepath
Task: {34B24E69-99BD-4CD5-BC9A-B424095E1987} - no filepath
Task: {38EC323B-A7C1-4FC5-978E-1E9232D6646C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-10-29] (AVG Technologies CZ, s.r.o.)
Task: {E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31} - no filepath
Task: {FDBE53CC-A3AF-44ED-B8CB-972D5840D803} - no filepath
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [470]
AlternateDataStreams: C:\Users\Vlado\Application Data:00e481b5e22dbe1f649fcddd505d3eb7 [0]
AlternateDataStreams: C:\Users\Vlado\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [0]
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION
C:\Program Files\Common Files\AVG

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Vlado\AppData\Roaming\IObit
C:\Users\Vlado\AppData\LocalLow\IObit
C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 255
Average :
Sum : 199452279
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe ========================

C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
File not signed
MD5: 9CEE2BBB060DC4B7062BE4461774A7A0
Creation and modification date: 2018-04-20 07:28 - 2018-04-20 07:28
Size: 000190784
Attributes: ----A
Company Name:
Internal Name: DCSHOST
Original Name: HuaweiHiSuiteService.EXE
Product: HuaweiHiSuiteService
Description: HuaweiHiSuiteService
File Version: 2, 0, 0, 42
Product Version: 2, 0, 0, 42
Copyright: Copyright (C) 2008
VirusTotal: https://www.virustotal.com/file/bbe3aee ... 540540578/

====== End of File: ======


========================= File: c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe ========================

c:\wamp64\bin\apache\apache2.4.33\bin\httpd.exe
File not signed
MD5: 8F4F711DDA9CD13BFFD206B9BB0CF126
Creation and modification date: 2018-08-28 08:01 - 2018-03-18 12:59
Size: 000030720
Attributes: ----A
Company Name: Apache Software Foundation
Internal Name: httpd.exe
Original Name: httpd.exe
Product: Apache HTTP Server
Description: Apache HTTP Server
File Version: 2.4.33
Product Version: 2.4.33
Copyright: Copyright 2018 The Apache Software Foundation.
VirusTotal: https://www.virustotal.com/file/d4bd7c9 ... 541143161/

====== End of File: ======


========================= File: c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe ========================

c:\wamp64\bin\mysql\mysql5.7.21\bin\mysqld.exe
File not signed
MD5: F93B6B614AA4DAA64C3D4EA2A08C8D6A
Creation and modification date: 2018-08-28 08:00 - 2017-12-28 05:48
Size: 039551488
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version: 5.7.21.0
Product Version: 5.7.21.0
Copyright:
VirusTotal: https://www.virustotal.com/file/5cf03db ... 528513596/

====== End of File: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FIFA18_is1]
"Inno Setup: Setup Version"="5.5.1.ee2 (u)"
"Inno Setup: App Path"="F:\games\FIFA18"
"InstallLocation"="F:\games\FIFA18\"
"Inno Setup: Icon Group"="FIFA18"
"Inno Setup: User"="Vlado"
"Inno Setup: Selected Tasks"=""
"Inno Setup: Deselected Tasks"="desktopicon"
"Inno Setup: Language"="eng"
"DisplayName"="FIFA18 version 1.0"
"UninstallString"=""F:\games\FIFA18\unins000.exe""
"UninstallDataFile"="F:\games\FIFA18\unins000.dat"
"QuietUninstallString"=""F:\games\FIFA18\unins000.exe" /SILENT"
"DisplayVersion"="1.0"
"Publisher"="STEAMPUNKS"
"Comments"="FIFA18"
"NoModify"="1"
"NoRepair"="1"
"InstallDate"="20180706"
"MajorVersion"="1"
"MinorVersion"="0"
"EstimatedSize"="1468"

=== End of ExportKey ===
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => removed successfully
HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} => not found
"Chrome NewTab" => removed successfully
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig => removed successfully
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak => removed successfully
HKLM\System\CurrentControlSet\Services\IUFileFilter => removed successfully
IUFileFilter => service removed successfully
C:\Users\Vlado\AppData\Roaming\IObit => moved successfully
C:\Program Files (x86)\IObit => moved successfully
C:\Users\Vlado\AppData\Local\Avg => moved successfully
C:\ProgramData\AVG => moved successfully
C:\Users\Vlado\AppData\Local\oobelibMkey.log => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0E2CF6CC-1DD1-40B6-8A75-E0FFAB6810EE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{34B24E69-99BD-4CD5-BC9A-B424095E1987}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{34B24E69-99BD-4CD5-BC9A-B424095E1987}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{38EC323B-A7C1-4FC5-978E-1E9232D6646C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{38EC323B-A7C1-4FC5-978E-1E9232D6646C}" => removed successfully
C:\WINDOWS\System32\Tasks\AVG\Overseer => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG\Overseer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E59BE2F5-B7EC-4AA8-B98D-1D345DCD2F31}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FDBE53CC-A3AF-44ED-B8CB-972D5840D803}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDBE53CC-A3AF-44ED-B8CB-972D5840D803}" => removed successfully
C:\Users\Public\Shared Files => ":VersionCache" ADS removed successfully
C:\Users\Vlado\Application Data => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS removed successfully
"C:\Users\Vlado\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
HKU\S-1-5-21-3757017093-2623875683-488815004-1001\Software\Classes\regfile => removed successfully
C:\Program Files\Common Files\AVG => moved successfully
"C:\Program Files\IObit" => not found
"C:\Program Files (x86)\IObit" => not found
"C:\Program Files\Common Files\IObit" => not found
C:\ProgramData\IObit => moved successfully
C:\ProgramData\ProductData => moved successfully
"C:\Users\Vlado\AppData\Roaming\IObit" => not found
C:\Users\Vlado\AppData\LocalLow\IObit => moved successfully

=========== "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Vlado\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

"C:\Windows\IObit" => not found
"C:\Windows\Tasks\ImCleanDisabled" => not found
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 62372688 B
Java, Flash, Steam htmlcache => 149624292 B
Windows/system/drivers => 936311 B
Edge => 2086528 B
Chrome => 272254626 B
Firefox => 0 B
Opera => 873948 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3610 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Vlado => 20538947 B

RecycleBin => 0 B
EmptyTemp: => 495.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:12:40 ====

Re: request for a check

Posted: 04 Nov 2018 16:56
by Conder
:arrow: How is the PC doing? Has anything changed, or are there still some problems?

:arrow: There are still some leftovers on the PC from AVG, which was apparently uninstalled, so clean them up with AVG Remover as well: http://files-download.avg.com/util/tool ... emover.exe
  • Download it, save it to the desktop, run it as administrator, under "AVG Remover" click Continue, leave both options checked and click Remove, then let the PC restart
  • After the PC restarts, open drive C: and delete the "AVG_Remover" folder
  • English guide with pictures (part C): https://support.avg.com/SupportArticleV ... nstall-AVG

Re: request for a check

Posted: 04 Nov 2018 17:10
by superjano
The thing is that when I start Lenovo Vantage, a window flashes and disappears; it does the same when I start that shield with the green check mark on the right in the corner by the clock, the security center, I don't know exactly what it's called :)

Re: request for a check

Posted: 04 Nov 2018 18:30
by Conder
:arrow: Run a system file integrity check:
  • Open Start, type "cmd" (without quotes), right-click Command Prompt and click Run as administrator
  • Copy and run the command:

    Code:

    DISM.exe /Online /Cleanup-image /Restorehealth
  • When it finishes, copy and run the second command:

    Code:

    sfc /scannow
  • When both commands have finished, copy and run this command:

    Code:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • The files sfcdetails.txt and dism.txt will be created on the desktop; pack these files into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC and write how the PC behaves

Re: request for a check

Posted: 04 Nov 2018 19:00
by superjano
The problem persists, nothing has changed; Lenovo Vantage doesn't work, nor does the shield with the green check mark. :(