Racunar radi usporeno

1

Racunar radi usporeno

offline
  • Pridružio: 07 Sep 2018
  • Poruke: 12

Kompjuter radi jako usporeno, procesor je zakucan na maksimum i ako nista nije upaljeno.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by Mirko (07-09-2018 20:48:36)
Running from C:\Users\Mirko\Desktop
Windows 10 Pro Version 1803 17134.228 (X64) (2018-05-19 10:02:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3927969305-3862238522-4201178923-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3927969305-3862238522-4201178923-503 - Limited - Disabled)
Guest (S-1-5-21-3927969305-3862238522-4201178923-501 - Limited - Disabled)
Mirko (S-1-5-21-3927969305-3862238522-4201178923-1001 - Administrator - Enabled) => C:\Users\Mirko
WDAGUtilityAccount (S-1-5-21-3927969305-3862238522-4201178923-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\uTorrent) (Version: 3.5.4.44520 - BitTorrent Inc.)
Adobe After Effects CC 2018 (HKLM-x32\...\AEFT_15_1_1) (Version: 15.1.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated)
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Premiere Pro CC 2018 (HKLM-x32\...\PPRO_12_1_1) (Version: 12.1.1 - Adobe Systems Incorporated)
AORUS GRAPHICS ENGINE (HKLM-x32\...\AORUS GRAPHICS ENGINE_is1) (Version: 1.3.3 - GIGABYTE Technology Co.,Inc.)
AutoCAD 2007 - English (HKLM-x32\...\{5783F2D7-5001-0409-0002-0060B0CE6BBA}) (Version: 17.0.54.110 - Autodesk)
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0009 - Bloody)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Discord (HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{FE3CD7B8-14D4-46E9-A206-2C8F2C0E6F1F}) (Version: 1.1.139.0 - Epic Games, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Macromedia Flash Player 8 (HKLM-x32\...\ShockwaveFlash) (Version: 8 - Macromedia)
Microsoft OneDrive (HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61135 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61135 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61135 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61135 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61135 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{FD9D64F4-CAF5-3D23-845A-B843C78CC1A5}) (Version: 10.0.60830 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{756E195A-CB58-4B99-917F-0DDA0D881204}) (Version: 1.0.4.0 - Mojang)
Mozilla Firefox 61.0.2 (x64 sr) (HKLM\...\Mozilla Firefox 61.0.2 (x64 sr)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.1 - Mozilla)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.07 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.1.0 - OBS Project)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Rocket League (HKLM-x32\...\Rocket League_is1) (Version: - )
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subnautica (HKLM-x32\...\Subnautica_is1) (Version: - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Universe (HKLM\...\Universe Premium_is1) (Version: 2.0 CE - Team V.R)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)
Wondershare Filmora(Build 8.7.1) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3927969305-3862238522-4201178923-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-9A52C469B993}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-3927969305-3862238522-4201178923-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ShellIconOverlayIdentifiers-x32-x32: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\SysWOW64\AcSignIcon.dll [2006-03-05] (Autodesk)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk shared\dwf common\DWFShellExtension.dll [2005-11-15] (Autodesk, Inc.)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-26] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15D428F0-215F-4C4E-A534-D4AAA919F062} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {17DCCE74-729B-42C6-B7B3-D16B22B1CE43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-31] (Google Inc.)
Task: {31AF4CCB-F3A8-434F-8BEB-598827C7A50B} - System32\Tasks\Launcher GIGABYTE AORUS GRAPHICS ENGINE => C:\Program Files (x86)\GIGABYTE\AORUS GRAPHICS ENGINE\AORUS.exe [2018-04-03] (GIGABYTE Technology Co.,Ltd.)
Task: {38C551DE-7787-417D-82B3-D1FF922CBEEC} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {43DC485F-48C1-43B7-AA02-D338FA681201} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {469E6341-C924-435B-B2DA-EC8707459E26} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-19] (NVIDIA Corporation)
Task: {4947F431-7216-44CD-846D-BB20F68D0954} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {4EC8EA03-A32F-4133-9740-168706C3F3D7} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-19] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7743B2AD-0E69-4B0C-803B-5E6AC759C372} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-26] (AVAST Software)
Task: {7B66B5CD-46E8-4F41-BAA8-01507F7F1710} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-19] (NVIDIA Corporation)
Task: {84A42DE0-727A-448A-80D4-E4BAD9B7DF64} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-08-19] (AVAST Software)
Task: {863D4F8B-65DD-4A35-A706-ACCFC2554DF6} - System32\Tasks\update-S-1-5-21-3927969305-3862238522-4201178923-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {8D5208FD-E4EF-4FE4-8F3F-F53A635B6020} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {A5DF54F8-3C6B-4584-8E14-3934FBA2F8CC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-31] (Google Inc.)
Task: {AE63DDE7-B8C7-41AC-A802-BA7EB6347E32} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-mirkor23@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {BBD2C9EF-EE10-4A06-8765-B764650D1C3C} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-19] (NVIDIA Corporation)
Task: {D7A6F3C7-31C3-4CCC-8908-280A19C9D621} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {DE1F41C6-928A-4636-A1F2-64671B8BB63C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {E8113E30-5DE0-46A6-8A82-2DDCBD9192DB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {ECF2FB0D-6FC4-4008-A3CA-64156D00B402} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-19] (NVIDIA Corporation)
Task: {EE41546A-618B-4C36-BA7C-2CCE44E683C5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-19] (NVIDIA Corporation)
Task: {F495F95D-C072-4A59-946B-C15CF1091C71} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\update-S-1-5-21-3927969305-3862238522-4201178923-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-05-29 23:29 - 2018-07-19 22:20 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-15 14:03 - 2018-08-03 05:09 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-08-11 10:25 - 2018-08-11 10:26 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-11 10:25 - 2018-08-11 10:26 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-11 10:25 - 2018-08-11 10:25 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-31 12:13 - 2017-12-31 12:13 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-11 10:25 - 2018-08-11 10:25 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-04-27 09:36 - 2018-04-26 05:14 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libglesv2.dll
2018-04-27 09:36 - 2018-04-26 05:14 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.139\libegl.dll
2018-05-29 23:30 - 2018-07-19 22:19 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-29 23:30 - 2018-07-19 22:19 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-05-29 23:30 - 2018-07-19 22:19 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-04-26 09:40 - 2018-07-19 22:19 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [484]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [478]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\Software\Classes\.scr: AutoCADScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2018-09-07 20:39 - 000000858 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 platform.wondershare.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mirko\Desktop\wallpaper2you_385427.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "AutoCAD Startup Accelerator.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "EvtMgr6"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\StartupFolder: => "GIGABYTE AORUS GRAPHICS ENGINE.lnk"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\StartupFolder: => "Adobe Gamma.lnk"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3927969305-3862238522-4201178923-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3023E0DC-F86D-43E1-8FE5-355C9A31F15C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{53F5D936-7BA1-434A-9963-067C61037E8B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{28F23786-94B3-46DF-BDE9-A141A993A821}] => (Allow) C:\Users\Mirko\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F13E8BAE-2034-4E13-83B2-664EC46299C7}] => (Allow) C:\Users\Mirko\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2C7F24B1-186E-47D0-B16F-DA8A306C4BC5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{4A380E01-B925-4A1E-B4A2-4388FFC2E469}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [TCP Query User{F54AB871-C2B7-407A-812B-DA70EC8BD5B3}C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe] => (Allow) C:\program files (x86)\gigabyte\aorus graphics engine\aorus.exe
FirewallRules: [UDP Query User{4D0B457A-6411-493D-86F9-A6453AC1D501}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe
FirewallRules: [TCP Query User{2AFDFC25-D52D-40C2-9C5F-E29CA5857B72}C:\program files (x86)\battle.net\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.exe
FirewallRules: [UDP Query User{724ED8A5-2877-4F57-AED3-3B5C54365431}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{24594DA1-6CEE-4C2C-8D7B-5DE5E95F6786}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{44486519-964C-4CAA-90CF-6C12527411A4}] => (Allow) C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
FirewallRules: [{E90D420B-DD6F-4DB0-8CFD-6949D5E62D39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F7912FFB-A34C-4E0C-9E83-2228D0099116}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DCD5D4EB-CEC7-4C59-A41B-679899678061}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EC3BD6E6-1C1F-4858-BBCB-994ACCCE8559}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{1DBD1060-278D-481D-A8B1-D81352353898}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{44688B7B-6AAD-440B-8DD4-9271D164E1CE}C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) C:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{495931D1-9D65-41EA-A950-043502116901}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{1DE87266-8845-444C-B2C3-F665ED1C929B}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{11226CD6-7B06-4C9B-B30D-A756E64D2176}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{B89C5222-539D-45ED-8D82-8B7F0DAE175A}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{A14431C1-1259-4840-B0A7-9EFCE8929584}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{2E1D4DD3-B2F4-48CB-89C2-F93D48130421}C:\program files (x86)\subnautica\subnautica.exe] => (Allow) C:\program files (x86)\subnautica\subnautica.exe
FirewallRules: [UDP Query User{38B977E2-3306-4FE0-A5C8-9326297B2F7B}C:\program files (x86)\subnautica\subnautica.exe] => (Allow) C:\program files (x86)\subnautica\subnautica.exe
FirewallRules: [{446C8B31-6953-4CB4-80E2-0794F9D2E0CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A0D24893-8599-44FE-ABD1-57C51511192A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{72DCE9B3-F57D-451F-BDE5-CF1E362CBF23}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C779A56A-EAB6-42EC-9C5B-E3E0809AF018}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8395473B-3054-417B-8E36-30AC0E0FFC7C}] => (Allow) C:\Users\Mirko\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe
FirewallRules: [{E9CF2C3D-475C-41C7-81E1-D312DB8BEA1E}] => (Allow) C:\Users\Mirko\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe
FirewallRules: [{F62E1A3A-7230-45B5-A548-2E602F529FF4}] => (Allow) C:\Users\Mirko\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe
FirewallRules: [{8A6B54EF-1E31-4CB3-AED5-450780B6AAD2}] => (Allow) C:\Users\Mirko\AppData\Roaming\Tencent\TxGameAssistant\GameDownload\TenioDL.exe
FirewallRules: [{20C2DA3A-3C54-44E7-BA27-58FA9220304D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [{91A3CF6F-119D-4700-A070-E11FD33DF3A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm Royale\Binaries\Win64\RealmEAC.exe
FirewallRules: [TCP Query User{2EE4FA4A-7F1B-4DE1-8B5E-E5F27603358F}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [UDP Query User{BE0D80AD-09A6-4067-B2AD-7D649409CE2B}C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\realm royale\binaries\win64\realm.exe
FirewallRules: [TCP Query User{87348862-F8A7-4A96-ADA3-637A00D7C527}C:\program files\epic games\ue_4.18\engine\binaries\win64\ue4editor.exe] => (Block) C:\program files\epic games\ue_4.18\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{ACF41340-05C8-4DD4-9D76-D8E94F8DFDF8}C:\program files\epic games\ue_4.18\engine\binaries\win64\ue4editor.exe] => (Block) C:\program files\epic games\ue_4.18\engine\binaries\win64\ue4editor.exe
FirewallRules: [{F72BCAD4-7A28-4814-AC4F-D33AFDE929B7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C1CFBB7C-D6ED-40E7-9F35-3C950609D70C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{8291A938-DAD7-4BED-ACF5-C74391B9693C}C:\program files (x86)\assassins creed iii\ac3sp.exe] => (Allow) C:\program files (x86)\assassins creed iii\ac3sp.exe
FirewallRules: [UDP Query User{5B2E450A-6FAA-4F45-AF16-A3ED14966190}C:\program files (x86)\assassins creed iii\ac3sp.exe] => (Allow) C:\program files (x86)\assassins creed iii\ac3sp.exe
FirewallRules: [TCP Query User{7BB4987C-76C6-48DD-BAC9-81690EBACBD4}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{D2476239-4E86-4A9E-A813-7B6FFF8D1E3D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{343181F5-BDEB-4BB5-BC8E-6C35B73D5D19}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B8B6DEC1-0545-4407-9B45-6E15DE1E6B89}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{76273A82-4B49-4E2F-9B3D-9DE09B16814B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EF13A3E2-3900-4246-8E1A-1B8E038E8790}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F6E16C33-EAA0-4FA4-AED6-4502E88F81F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4C5D5C46-BAAF-4683-B432-B6FF0C1D1E50}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F3C92666-0392-400D-B61F-81B1E27A7782}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [UDP Query User{9D0534DC-D8B1-437B-8B68-A16FBF0BA1EB}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.159\deploy\leagueclient.exe
FirewallRules: [{AF2FC43C-24B4-466B-8D86-BE7B39E81F1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E0219314-368C-4388-9441-92B858F32729}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{361496A9-08CF-4F97-8BC9-D07D5625CF55}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0D6C89E6-508B-494C-B81D-B8A7038E195C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{61B5ACD7-880A-4E26-86FA-BF4B3C6CB79C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D0AF8A8-0ECA-42A2-BF1D-995EB7CF0018}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{045E49A4-52D4-4DD1-99E0-692465590880}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3D50142C-AC25-4891-829D-EE41562B7453}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.88.353.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1A68776E-1259-4803-AA69-4A982428351C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{45CF1854-947A-4DE1-87A5-8947A097198F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe
FirewallRules: [{48B93FF0-59F6-4CD0-BCC1-3CE5FFD3C744}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3F5840DC-7C11-4D63-BFEA-3D442694AC05}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [TCP Query User{56971492-6B92-4388-A5B8-144D67AD17F4}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [UDP Query User{156BD7F6-DC38-47F7-A0C5-31F39098CBE2}C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe] => (Allow) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [{519DEEA1-BA80-4808-A946-890B842E4C69}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [{98E488F3-8862-4C2B-9E28-B3CCE6795ECD}] => (Block) C:\riot games\league of legends\rads\projects\league_client\releases\0.0.0.160\deploy\leagueclient.exe
FirewallRules: [{75291C27-41F2-4693-913D-0BBCBDF94003}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{2ECCC225-E437-49FC-B528-84548D9277B3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{9B9560B8-7AF3-4769-9300-35F607C8BD3C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{9A55F31F-6E99-47A5-B3FF-71FFC31E11AE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{F2DB5C62-63C8-45AF-9D51-6B1238A0A7BF}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe
FirewallRules: [UDP Query User{6D034FA1-9256-4435-97CE-87F7426C529B}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe

==================== Restore Points =========================

26-08-2018 22:22:00 Scheduled Checkpoint
30-08-2018 02:27:53 Removed LogMeIn Hamachi
07-09-2018 13:04:37 Removed Avast Driver Updater

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/07/2018 01:05:17 PM) (Source: MsiInstaller) (EventID: 11723) (User: BLUE)
Description: Product: Avast Driver Updater -- Error 1723. There is a problem with this Windows Installer package. A DLL required for this install to complete could not be run. Contact your support personnel or package vendor. Action UlReportUninstall, entry: ReportUninstall, library: C:\WINDOWS\Installer\MSID9EC.tmp

Error: (09/07/2018 11:57:42 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (09/07/2018 11:57:41 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/07/2018 12:16:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.17134.228 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: e78

Start Time: 01d4462ed2f547fd

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Report Id: 07d0fe9b-8283-445c-be55-5a5b6e332f4a

Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: CortanaUI

Error: (09/06/2018 11:25:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GameBar.exe, version: 1.16.1804.1007, time stamp: 0x5b7b1a1b
Faulting module name: CoreUIComponents.dll, version: 10.0.17134.112, time stamp: 0xad174454
Exception code: 0xc0000005
Fault offset: 0x0000000000083d22
Faulting process ID: 0x15d0
Faulting application start time: 0x01d44627c15dcfbc
Faulting application path: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe\GameBar.exe
Faulting module path: C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
Report ID: d7af6efc-2a0f-49e4-899e-644d16acb056
Faulting package full name: Microsoft.XboxGamingOverlay_1.16.1007.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App

Error: (09/06/2018 11:25:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program explorer.exe version 10.0.17134.165 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1558

Start Time: 01d446234d7e6109

Termination Time: 0

Application Path: C:\Windows\explorer.exe

Report Id: ccd25c90-e12b-4d3a-92bd-a1529a1f6a6f

Faulting package full name:

Faulting package-relative application ID:

Error: (09/06/2018 09:29:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_CDPUserSvc, version: 10.0.17134.1, time stamp: 0xa38b9ab2
Faulting module name: wintypes.dll, version: 10.0.17134.112, time stamp: 0xfa824cee
Exception code: 0xc0000005
Fault offset: 0x000000000000d751
Faulting process ID: 0x1c30
Faulting application start time: 0x01d445d927d11c6d
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\wintypes.dll
Report ID: de8458de-62b7-46d5-a06d-be8c91d34ea2
Faulting package full name:
Faulting package-relative application ID:

Error: (09/04/2018 11:13:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xcb43d9c5
Faulting module name: ntdll.dll, version: 10.0.17134.228, time stamp: 0x6d15b6d7
Exception code: 0xc0000409
Fault offset: 0x00000000000a0ea4
Faulting process ID: 0x1a38
Faulting application start time: 0x01d4442f63e33df2
Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report ID: 72c7a367-1ccc-4441-abe8-af17613ea13a
Faulting package full name: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App


System errors:
=============
Error: (09/07/2018 08:41:54 PM) (Source: DCOM) (EventID: 10016) (User: BLUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user blue\Mirko SID (S-1-5-21-3927969305-3862238522-4201178923-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/07/2018 08:07:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AvastWscReporter service failed to start due to the following error:
The pipe has been ended.

Error: (09/07/2018 08:04:21 PM) (Source: DCOM) (EventID: 10016) (User: BLUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user blue\Mirko SID (S-1-5-21-3927969305-3862238522-4201178923-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/07/2018 07:26:55 PM) (Source: DCOM) (EventID: 10016) (User: BLUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user blue\Mirko SID (S-1-5-21-3927969305-3862238522-4201178923-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/07/2018 05:41:08 PM) (Source: DCOM) (EventID: 10016) (User: BLUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user blue\Mirko SID (S-1-5-21-3927969305-3862238522-4201178923-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (09/07/2018 01:09:45 PM) (Source: DCOM) (EventID: 10016) (User: BLUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user blue\Mirko SID (S-1-5-21-3927969305-3862238522-4201178923-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/07/2018 12:32:24 PM) (Source: DCOM) (EventID: 10016) (User: BLUE)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user blue\Mirko SID (S-1-5-21-3927969305-3862238522-4201178923-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/07/2018 12:07:51 PM) (Source: DCOM) (EventID: 10010) (User: BLUE)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-07-11 18:09:48.043
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EAF87CE3-1862-4653-A559-CC8E921FEDE6}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-11 15:02:38.647
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {0A91CC7A-F2A5-43E9-A8AD-550E54B3CA6B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-10 23:50:48.073
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {837A3EB1-B41D-4314-8309-49BE8A7FBE75}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-10 22:13:45.744
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8101E29F-9404-4A91-8B49-8DC26565420E}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-07-10 20:19:14.537
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C1D564BF-638A-449A-8F97-D7E79A778716}
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===================================

Date: 2018-09-07 00:25:56.269
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-07 00:25:56.089
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-02 19:38:10.515
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-02 19:38:10.284
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-02 11:50:06.131
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-02 11:50:05.913
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-02 11:49:56.502
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2018-09-02 11:49:50.975
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 7658.13 MB
Available physical RAM: 4677.28 MB
Total Virtual: 12010.13 MB
Available Virtual: 8203.37 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.29 GB) (Free:207.12 GB) NTFS ==>[drive with boot components (obtained from BCD)]

\\?\Volume{8d7173f3-0000-0000-0000-e05274000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 8D7173F3)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=475 MB) - (Type=27)

==================== End of Addition.txt ============================
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Nisi postavio FRST.txt.

offline
  • Pridružio: 07 Sep 2018
  • Poruke: 12

Promakao mi je fajl, evo ga.
mycity.rs/must-login.png

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Ne vidim tragove malwarea. Otvori Task Manager, uđi u karticu Details i pogledaj koji proces najviše opterećuje CPU.

offline
  • Pridružio: 07 Sep 2018
  • Poruke: 12

Napisano: 08 Sep 2018 15:52

Bilo koji program da upalim cpu ce raditi 100%

Dopuna: 08 Sep 2018 15:57

da li moram da cekam 3 sata za svaki vas odgovor?

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Sass Drake ::Ne vidim tragove malwarea. Otvori Task Manager, uđi u karticu Details i pogledaj koji proces najviše opterećuje CPU.

offline
  • Pridružio: 07 Sep 2018
  • Poruke: 12

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Details karticu u Task Manageru treba da vidim.

offline
  • Pridružio: 07 Sep 2018
  • Poruke: 12

offline
  • Pridružio: 26 Avg 2010
  • Poruke: 10445
  • Gde živiš: Hypnos Control Room, Tokyo Metropolitan Government Building

Da li ti rračunar radi usporeno i kad je CHrome zatvoren?

Ko je trenutno na forumu
 

Ukupno su 745 korisnika na forumu :: 5 registrovanih, 1 sakriven i 739 gosta   ::   [ Administrator ] [ Supermoderator ] [ Moderator ] :: Detaljnije

Najviše korisnika na forumu ikad bilo je 1798 - dana 19 Sep 2019 18:42

Korisnici koji su trenutno na forumu:
Korisnici trenutno na forumu: 4channer, ekser222, Kos93, krunomiletic5, pera12345