Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.11.2018
Ran by Kedar (21-11-2018 21:11:22)
Running from C:\Users\Kedar\Desktop
Windows 10 Home Version 1809 17763.134 (X64) (2018-10-04 19:53:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1248986085-3350451917-519491516-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1248986085-3350451917-519491516-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1248986085-3350451917-519491516-1000 - Limited - Disabled)
Guest (S-1-5-21-1248986085-3350451917-519491516-501 - Limited - Disabled)
Kedar (S-1-5-21-1248986085-3350451917-519491516-1001 - Administrator - Enabled) => C:\Users\Kedar
Pepa (S-1-5-21-1248986085-3350451917-519491516-1002 - Limited - Enabled) => C:\Users\Pepa
WDAGUtilityAccount (S-1-5-21-1248986085-3350451917-519491516-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
360 File Guard (HKLM-x32\...\360DocProtect) (Version: 1.0.0.1181 - 360 Security Center)
Adobe (HKLM\...\{54F523F5-5C09-46C5-A256-3EFAB3FF804B}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
adobe (HKLM\...\{94ED5A92-8B93-48A2-BEA6-8FB4C2EAF08F}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
adobe (HKLM\...\{C292D9FF-FE73-4A50-8FEB-3BE480A6DB27}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
adobe (HKLM\...\{ECA002A5-48AB-4B43-86FC-8E9AA65C7077}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{bb524cb9-b65f-4f06-97f4-48c851e87a57}) (Version: 20.80.0 - Intel Corporation)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - )
CorelDRAW Graphics Suite 2017 (HKLM\...\{03E21392-CE4A-4FC6-B593-370E7A7E345A}) (Version: 19.0 - Corel Corporation) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
ELAN Touchpad 11.5.22.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.22.2 - ELAN Microelectronic Corp.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{30AAEA0C-2993-4ED6-8ABC-48499DA53D87}) (Version: 12.0.27.0 - ESET, spol. s r.o.)
Exif Pilot 5.1 (HKLM-x32\...\Exif Pilot_is1) (Version: 5.1 - Two Pilots)
Flashtool (HKLM-x32\...\Flashtool) (Version: 0.9.24.4 - Androxyde)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.62 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grammarly for Microsoft® Office Suite (HKLM\...\{C42F31A9-9B72-4F6A-A28D-82F8BDE5FF3E}) (Version: 6.7.139 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-1248986085-3350451917-519491516-1001\...\{bb18e955-50c6-42a1-9219-168db073252a}) (Version: 6.7.139 - Grammarly)
HP DeskJet 4530 series Nápověda (HKLM-x32\...\{6533E793-4E8D-4C7C-B287-4115DA1F40E3}) (Version: 36.0.0 - Hewlett Packard)
HP Dropbox Plugin (HKLM-x32\...\{0078F518-B5B5-4857-8939-199E752A4190}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{F260117F-45E4-483E-B10F-C80224558C4D}) (Version: 36.0.41.58587 - HP)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000070-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.70.0 - Intel Corporation)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
K-Lite Mega Codec Pack 14.3.6 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.6 - KLCP)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Microsoft Office 2013 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 15.0.5075.1001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d3ea57b6-46d6-4824-a20f-6b8213001903}) (Version: 14.10.25017.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{e89464af-e7f0-4ed3-bf43-f1a5986113db}) (Version: 14.10.25017.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MKVToolNix 27.0.0 (64-bit) (HKLM-x32\...\MKVToolNix) (Version: 27.0.0 - Moritz Bunkus)
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mp3tag v2.90a (HKLM-x32\...\Mp3tag) (Version: 2.90a - Florian Heidenreich)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6 - Notepad++ Team)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5075.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5075.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.5075.1001 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ovládací panel NVIDIA 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 391.35 - NVIDIA Corporation) Hidden
paint.net (HKLM\...\{36C264F3-0458-42D9-A091-807B5CEB0FA8}) (Version: 4.1.1 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8447 - Realtek Semiconductor Corp.)
Recuva version 1.53.1087 (HKLM\...\{8EB7BD44-B4BA-4DA4-8748-DAB5FF9686CE}_is1) (Version: 1.53.1087 - Piriform)
Resource Hacker Version 4.3.20 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Sigma Data Center 5.5 (HKLM-x32\...\Sigma Data Center5.5) (Version: 5.5 - Sigma Elektro GmbH)
Služba Xperia Companion (HKLM\...\{826B080E-3B85-448D-99C3-D843D54ED116}) (Version: 1.9.2.0 - Sony) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Studie vylepšování produktu HP DeskJet 4530 series (HKLM\...\{93AB5884-7DE1-4F7E-881D-0AA548DD32E5}) (Version: 40.11.1122.1796 - HP Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)
Ulož.to FileManager verze 2.45 (HKLM-x32\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.45 - Uloz.to cloud a.s.)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 45.0 - Ubisoft)
USB2.0 UVC VGA WebCam (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10253 - Realtek Semiconductor Corp.)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Xperia Companion (HKLM-x32\...\{74C27C4F-BCDF-4D88-8B04-E5C7609AB1EB}) (Version: 1.9.2.0 - Sony) Hidden
Xperia Companion (HKLM-x32\...\{b677a3f8-01ab-49df-92a8-d039691c0e2d}) (Version: 1.9.2.0 - Sony)
Základní software zařízení HP DeskJet 4530 series (HKLM\...\{BC36C273-E8B5-4673-826C-13D8CA9458F6}) (Version: 40.11.1122.1796 - HP Inc.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1248986085-3350451917-519491516-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Kedar\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.139\52F3D36D4B\GrammarlyShim64.dll (CompanyName)
CustomCLSID: HKU\S-1-5-21-1248986085-3350451917-519491516-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1248986085-3350451917-519491516-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll -> No File
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll -> No File
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-11-20] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-11-13] ()
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-10-12] (ESET)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-10-12] (ESET)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2017-10-25] (Florian Heidenreich)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-11-20] ()
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-10-12] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B164D14-0A32-42CF-8AC5-B5472B2E05C1} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1248986085-3350451917-519491516-1002 => C:\Users\Kedar\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {2282F823-BCFD-4355-BC4F-1BB47E08EE2B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {30088FFB-DC6C-48FD-8CD3-25F61BAA5236} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {39DAC629-0D48-4DFA-B9DB-DBAECCB084AD} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {3E1E84DA-D420-4820-9DEC-CC4B481477EA} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {565BA0B8-572A-4D1C-ABA2-874950707A54} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {6B5A2A1B-699C-41EE-8357-CA9B57EB8129} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {72FA421D-D5BD-4E0D-B0E5-48CE4BA16589} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7971F5F3-C7A7-467E-8514-857F8BB2431A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {7A35A2E3-3CB4-4E28-B98D-832C02003592} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {88896677-1DC2-4652-BE34-E2268C1D6D57} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {89096622-C49C-48D0-B41D-D8D6BD136831} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-11-03] (Realtek Semiconductor)
Task: {8CF36692-E445-48F5-B0F2-5D595EE74BA2} - System32\Tasks\AdobeGCInvoker-1.0-KEDAR-PC-Kedar => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {900281A7-E8CE-4AE7-A5EF-07013BBF628D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {A2B18B43-A2CA-4C80-A1BD-45FCC4854C83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {ABE4A9B6-4B73-4D0B-A6D3-49593FF6CF15} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {AD4E8AFB-A48C-4E13-BE83-B8D87600CFB4} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {B79DF4D7-4457-4904-84F2-AC256B5B9D45} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {B8815E42-796A-48FF-9760-40C544E14F22} - System32\Tasks\S-1-5-21-1248986085-3350451917-519491516-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation)
Task: {BBD97896-E3C3-4EEC-A49B-3E0B3F9A56E5} - System32\Tasks\AdobeAAMUpdater-1.0-KEDAR-PC-Kedar => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {BC49F6B2-F368-416B-B88F-30706ED24162} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {CE47CB14-96E8-4F2D-8B06-FEDF96BD6CA2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {D192B5DF-1994-4D6A-BC8A-FB566333D2E8} - System32\Tasks\HPCustParticipation HP DeskJet 4530 series => C:\Program Files\HP\HP DeskJet 4530 series\Bin\HPCustPartic.exe [2017-04-06] (HP Inc.)
Task: {D46A41E2-1ACE-40B8-9BB8-6195688A3CC5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {DAC22C32-CEAF-4EBD-B100-C647180260AD} - System32\Tasks\AdobeGCInvoker-1.0-KEDAR-PC-Pepa => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E8405A4C-9E6B-4BA0-BEBE-3CB08CA2F3F9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {EBED0435-7FEB-4564-A0FA-C2879ACC3718} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {F53AEBA8-531D-46B8-956C-81C9BFD426A9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-11-03] (Realtek Semiconductor)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-02-26 18:05 - 2018-03-24 02:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2017-03-05 20:47 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2018-07-12 07:02 - 2018-07-19 21:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-08-21 11:14 - 2018-08-21 11:14 - 000076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 13:02 - 2018-10-04 13:03 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-14 14:02 - 2018-11-14 14:02 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-14 14:02 - 2018-11-14 14:03 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-21 11:29 - 2018-11-20 04:08 - 005237080 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.62\libglesv2.dll
2018-11-21 11:29 - 2018-11-20 04:08 - 000117080 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.62\libegl.dll
2017-03-09 01:16 - 2017-03-09 01:16 - 000112264 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-11-06 16:07 - 2018-11-06 16:07 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 16:07 - 2018-11-06 16:07 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 16:07 - 2018-11-06 16:07 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-17 19:23 - 2018-11-17 19:25 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-17 19:23 - 2018-11-17 19:25 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-17 19:23 - 2018-11-17 19:25 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-10-05 07:34 - 2017-10-05 07:35 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-17 19:23 - 2018-11-17 19:24 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-17 19:23 - 2018-11-17 19:25 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-17 14:17 - 2018-08-17 14:18 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-17 14:17 - 2018-08-17 14:18 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-03-29 21:56 - 2018-03-29 21:58 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-17 19:23 - 2018-11-17 19:25 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-17 19:23 - 2018-11-17 19:24 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-17 19:23 - 2018-11-17 19:24 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 18:09 - 2018-08-30 18:11 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 15:51 - 2018-07-27 15:52 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-16 07:40 - 2018-10-16 07:40 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-26 06:12 - 2018-09-26 06:12 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-07-12 07:02 - 2018-07-19 21:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 12:47 - 2018-11-20 10:49 - 000000841 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1248986085-3350451917-519491516-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kedar\AppData\Local\Temp\\pidor.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: 360DocProtect => 2
MSCONFIG\Services: EsgShKernel => 2
MSCONFIG\Services: ShMonitor => 2
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [{ED815389-A5C4-4AFE-AF8B-17AB0AE981F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{62DDAA46-368C-4203-B56C-DC5F11AE4123}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{10D2BD79-F794-4E71-935F-D08ED93BFE1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{91BC5C07-BD29-4B97-9F6B-5E3A637F2509}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{83F86B98-3353-4A36-AF39-76ACD4455247}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{76C269AE-D808-44CB-8ABA-F34EB253DA61}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{E3412F07-E0E0-41DE-9E6C-A4B596CD19A4}C:\program files\hp\hp deskjet 4530 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 4530 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [UDP Query User{337039E5-D8A7-425F-B42E-98BBC136FB6D}C:\program files\hp\hp deskjet 4530 series\bin\hpnetworkcommunicatorcom.exe] => (Allow) C:\program files\hp\hp deskjet 4530 series\bin\hpnetworkcommunicatorcom.exe
FirewallRules: [{21F445A0-D506-4CD9-A1F2-85A309EE4528}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C172DB40-A9E4-4745-93FC-353C8430BE28}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{91B89B7F-D732-4EE8-B6B2-BB5F05649BED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{080EC946-58AF-4D65-BF4A-6EDEC745DACF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{18A3840A-4ED1-4EA6-B172-87A787A884BD}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{86CF7E93-655E-469C-A52F-6D96657D2E38}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{51AE520F-D74B-42F8-BF56-C21C44482A87}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7A48FCD2-D73D-4F3C-82BF-B7C9AB5FDA57}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
21-11-2018 11:30:56 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/20/2018 07:15:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MicrosoftEdgeCP.exe, verze: 11.0.17763.1, časové razítko: 0x90f701bc
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x0000000000000203
ID chybujícího procesu: 0x28e4
Čas spuštění chybující aplikace: 0x01d480fcf9bf43b2
Cesta k chybující aplikaci: C:\Windows\System32\MicrosoftEdgeCP.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 71e2894a-113b-4144-8aad-85f0ca4bd7b7
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: MicrosoftEdge
Error: (11/20/2018 10:48:35 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (11/20/2018 10:46:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.134, časové razítko: 0xc30ded87
Kód výjimky: 0xc0000409
Posun chyby: 0x0011ab32
ID chybujícího procesu: 0x8b4
Čas spuštění chybující aplikace: 0x01d480b5d8812da3
Cesta k chybující aplikaci: C:\Users\Kedar\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 04c3bb96-71ad-4985-8061-db744829947f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/18/2018 12:07:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.17763.107, časové razítko: 0x695ecd5a
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.17763.1, časové razítko: 0x309241e0
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000006f08e
ID chybujícího procesu: 0x11a4
Čas spuštění chybující aplikace: 0x01d47f2eed5e7e6e
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\System32\ucrtbase.dll
ID zprávy: 0e99c4b6-deb6-467f-892b-233b1e69f893
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/17/2018 07:35:08 PM) (Source: MsiInstaller) (EventID: 11316) (User: KEDAR-PC)
Description: Produkt: Adobe Acrobat Reader DC - Czech -- Chyba 1316.Zadaný účet již existuje.
Error: (11/17/2018 07:33:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (11/17/2018 07:31:31 PM) (Source: MsiInstaller) (EventID: 11316) (User: KEDAR-PC)
Description: Produkt: Adobe Acrobat Reader DC - Czech -- Chyba 1316.Zadaný účet již existuje.
Error: (11/17/2018 07:30:55 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
System errors:
=============
Error: (11/21/2018 06:00:29 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Kedar (SID: S-1-5-21-1248986085-3350451917-519491516-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 06:00:28 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Kedar (SID: S-1-5-21-1248986085-3350451917-519491516-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 06:00:27 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Kedar (SID: S-1-5-21-1248986085-3350451917-519491516-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 06:00:27 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Kedar (SID: S-1-5-21-1248986085-3350451917-519491516-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 05:57:03 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Kedar (SID: S-1-5-21-1248986085-3350451917-519491516-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 05:56:07 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Pepa (SID: S-1-5-21-1248986085-3350451917-519491516-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 05:56:03 PM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Pepa (SID: S-1-5-21-1248986085-3350451917-519491516-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/21/2018 11:27:58 AM) (Source: DCOM) (EventID: 10016) (User: KEDAR-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli KEDAR-PC\Pepa (SID: S-1-5-21-1248986085-3350451917-519491516-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-11-02 19:13:23.711
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CFA90C90-D94E-43D5-97E2-68B2B4B9541F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: KEDAR-PC\Kedar
Date: 2018-11-02 19:06:36.934
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: KEDAR-PC\Kedar
Název procesu: C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Verze podpisu: AV: 1.279.1017.0, AS: 1.279.1017.0, NIS: 1.279.1017.0
Verze modulu: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-11-02 19:06:36.068
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe; process:_pid:5624,ProcessStart:131856555262438668
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Verze podpisu: AV: 1.279.1017.0, AS: 1.279.1017.0, NIS: 1.279.1017.0
Verze modulu: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-11-02 19:05:42.603
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: KEDAR-PC\Kedar
Název procesu: C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Verze podpisu: AV: 1.279.1017.0, AS: 1.279.1017.0, NIS: 1.279.1017.0
Verze modulu: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-11-02 19:05:28.654
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Users\Kedar\AppData\Local\Temp\601F.tmp.exe
Verze podpisu: AV: 1.279.1017.0, AS: 1.279.1017.0, NIS: 1.279.1017.0
Verze modulu: AM: 1.1.15400.4, NIS: 1.1.15400.4
Date: 2018-10-21 17:56:56.008
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o obnovení položky z karantény.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Uživatel: KEDAR-PC\Kedar
Kód chyby: 0x80508014
Popis chyby: Položku v karanténě nelze obnovit.
Verze podpisu: AV: 1.279.216.0, AS: 1.279.216.0
Verze modulu: 1.1.15400.4
Date: 2018-10-20 11:41:41.635
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.279.99.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15400.4
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2018-10-06 14:32:48.525
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.
Date: 2018-10-06 13:42:36.859
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.
CodeIntegrity:
===================================
Date: 2018-11-17 22:56:50.238
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:56:50.228
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:56:50.205
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:56:50.194
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:45:51.215
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:45:51.179
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:45:51.113
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-11-17 22:45:51.099
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 24%
Total physical RAM: 8102.69 MB
Available physical RAM: 6077.62 MB
Total Virtual: 14502.69 MB
Available Virtual: 12060.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.6 GB) (Free:21.86 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:125 GB) (Free:20.39 GB) NTFS
\\?\Volume{0c14ca08-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS
\\?\Volume{0c14ca08-0000-0000-0000-c08518000000}\ () (Fixed) (Total:0.47 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 223.6 GB) (Disk ID: 0C14CA08)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=486 MB) - (Type=27)
Partition 4: (Not Active) - (Size=125 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
