Páginas Web tardan mucho en cargarse

Buenos días,

Desde al menos un par de días tengo un problema con internet. Lás páginas tardan en cargarse. Muchas veces no se cargan en primer intento, y tengo que repetir uno o más veces para que se cargen. Asímismo no es único problema, los launcher como GOG también son algo más lentos, y en Epic ni siquiera soy capaz de entrar en mi cuenta a pesar de que antes funcionaba perfectamente (en solucionador de problemas de Epic me sale el problema con “Terminales Regionales”).

Al principio pensé que el problema esta al lado de la calidad de internet, pero empiezo a dudar, ya que la velocidad de descarga es la misma que antes de la aparición del problema. Puede ser algo con firewall de windows? O de los antiviris? Tengo McAfee, y Spybot (versión gratuita). Pero estos programas tengo desde muchisimo tiempo, y los problemas desde un par de días.

Os pido ayuda, que no tengo ni idea como arreglar esto. Gracias!

Buenas @Bobek90 bienvenido al Foro.

Para revisar tu máquina, sigue estos pasos, en el orden indicado y leyendo todo lo explicado. :+1:

:one: Desactiva temporalmente el Antivirus :arrow_forward: Cómo deshabilitar temporalmente su Antivirus, mientras estemos realizando TODOS los pasos.

Vamos a descargar en TU ESCRITORIO(y NO en otro lugar :face_with_monocle:) todas las herramientas que vamos a utilizar en este procedimiento (pero no las ejecutes todavía) :


:two: Ejecutas las herramientas de una en una y en el orden indicado :



CCleaner.-

  • Instalas y Ejecutas CCleaner siguiendo los pasos indicados en el manual.

  • Úsalo primero en su opción de Limpiador para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.

  • Después usa su opción de Registro para limpiar todo el registro de Windows(haciendo copia de seguridad).

Malwarebytes.-

  • Instalas y Ejecutas MBAM siguiendo los pasos indicados en el manual.

  • Realiza un Análisis Completo. :white_check_mark:

  • Seleccionando TODOS a Cuarentena para enviarlo a la cuarentena y Reinicias el sistema.

  • En el apartado del manual :arrow_forward:Historial :arrow_backward: encontrarás el informe del MBAM, que debes copiar y pegar en tu próxima respuesta, para analizarlo.

AdwCleaner.-

  • Ejecuta Adwcleaner.exe.

  • Pulsamos en el botón Analizar ahora, y espera a que se realice el proceso, inmediatamente pulsa siempre sobre el botón Iniciar Reparación.

  • Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.

  • El log/informe lo encontramos en la pestaña “Informes”, volviendo a abrir el programa si fuese necesario, para poder copiarlo y pegarlo en tu próxima respuesta.

  • El informe también se puede encontrar en C:\AdwCleaner\Logs\AdwCleaner[C00].txt

Junkware Removal Tool.-

  • Ejecuta JRT.exe.

  • Y pulsar cualquier tecla para continuar, esperar pacientemente a que termine el proceso.

  • Si en algún momento te pide Reiniciar hazlo.

  • Al finalizar, un registro/informe (JRT.txt) se guardara en el escritorio y se abrirá automáticamente.

  • Copia y pega el contenido de JRT.txt en tu próxima respuesta.

Farbar Recovery Scan Tool.-

  • Ejecuta FRST.exe.

  • En el mensaje de la ventana del Disclaimer, pulsamos Yes

  • En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.

  • Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

:three: Poner los informes en tu próxima respuesta de :

  • Malwarebytes, AdwCleaner, JRT, FRST + Addition.txt, y en ese orden. :+1:

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Y nos cuentas como funciona tu equipo en relación al problema planteado. :face_with_monocle:

Saludos Javier.

Muchas gracias por tu ayuda y el tiempo que dedicaste para resolver mi problema. Acabo de terminar todos los pasos que indicaste, así que todavía no puede asegurar con certeza, pero hize una rápida ojeada y parece que todo esta arreglado. Por fin estoy capaz de entrar en mi cuenta en Epic launcher, y los pocos página Web que probé se cargaron rapidamente. A continuacion te voy mostrar los informes correspondientes y… una foto con una ventana que emergió despúes de reiniciar el sistema al acabar todos los análisis, y que puede explicar lo de Epic launcher.


Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 8/4/19
Hora del análisis: 17:46
Archivo de registro: e1960cd2-5a1d-11e9-998d-30e37ae324ba.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.563
Versión del paquete de actualización: 1.0.10037
Licencia: Gratis

-Información del sistema-
SO: Windows 10 (Build 17134.648)
CPU: x64
Sistema de archivos: NTFS
Usuario: DESKTOP-BBAM3MO\Lukasz

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 291178
Amenazas detectadas: 1
Amenazas en cuarentena: 1
Tiempo transcurrido: 0 min, 54 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 1
PUP.Optional.InstallCore, HKU\S-1-5-21-3098152612-1641899179-275015866-1001\SOFTWARE\1Q1F1S1C1P1E1C1F1N1C1T1H2UtF1E1I, En cuarentena, [427], [352832],1.0.10037

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 0
(No hay elementos maliciosos detectados)

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    04-08-2019
# Duration: 00:00:00
# OS:       Windows 10 Home
# Cleaned:  3
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\dobreprogramy
Deleted       HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted       HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1511 octets] - [08/04/2019 17:51:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-04-03.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    04-08-2019
# Duration: 00:00:05
# OS:       Windows 10 Home
# Scanned:  27198
# Detected: 3


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.FreeMakeConverter  HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
PUP.Optional.FreeMakeConverter  HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
PUP.Optional.Legacy             HKCU\Software\dobreprogramy

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64 
Ran by Lukasz (Administrator) on 08.04.2019 at 17:52:33,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67620EA6-9159-443C-A7A1-B5ACC1AA057A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.04.2019 at 17:53:20,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by Lukasz (administrator) on DESKTOP-BBAM3MO (08-04-2019 17:54:19)
Running from C:\Users\Lukasz\Desktop
Loaded Profiles: Lukasz (Available Profiles: Lukasz)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: Español (España, internacional)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Mixbyte Inc -> Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(cFos Software GmbH -> cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(Micro-Star International CO., LTD. -> MICRO-STAR INT'L,.LTD.) C:\Program Files\WMIHook\WMIHookBtnFn\WMI_Hook_Service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_18_12\mcapexe.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\McCSPServiceHost.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2017-01-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [IAStorIcon] => C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE [320568 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Nahimic2UILauncher] => C:\PROGRAM FILES\NAHIMIC\NAHIMIC2\USERINTERFACE\NAHIMIC2UILAUNCHER.EXE [705208 2016-08-30] (A-Volute -> )
HKLM-x32\...\Run: [mFanCtrl] => C:\Program Files\WMIHook\WMIHookBtnFn\mFanCtrl.exe [401968 2017-01-07] (Micro-Star International CO., LTD. -> MICRO-STAR INT'L,.LTD.)
HKLM-x32\...\Run: [MSI Gaming Lan Manager] => C:\MSI\MSI Gaming Lan Manager\MSI_Gaming_Lan_Manager.exe [4440504 2017-01-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\Run: [ALLUpdate] => C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe [3670472 2015-07-28] (ALLPlayer Group -> ALLPlayer Group Ltd.)
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\Run: [Steam] => D:\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [35181968 2019-04-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22488952 2019-03-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Lukasz\Documents\DyingLight\out\settings\video.scr [1249 2018-09-10] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\Software\...\AppCompatFlags\Custom\GOTHIC.EXE: [{5fa21179-8540-43e2-b790-5f59435828c5}.sdb] -> GOG.com Gothic 2
HKLM\Software\...\AppCompatFlags\Custom\Gothic2.exe: [{5fa21179-8540-43e2-b790-5f59435828c5}.sdb] -> GOG.com Gothic 2
HKLM\Software\...\AppCompatFlags\Custom\H3Blade.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\Custom\Heroes3.exe: [{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb] -> HoMM III Compatibility Database
HKLM\Software\...\AppCompatFlags\Custom\Risen.exe: [{389384c4-37c5-440b-8196-2917b852cac7}.sdb] -> GOG.com Risen
HKLM\Software\...\AppCompatFlags\InstalledSDB\{389384c4-37c5-440b-8196-2917b852cac7}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{389384c4-37c5-440b-8196-2917b852cac7}.sdb [2019-03-23]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{5fa21179-8540-43e2-b790-5f59435828c5}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{5fa21179-8540-43e2-b790-5f59435828c5}.sdb [2018-01-20]
HKLM\Software\...\AppCompatFlags\InstalledSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb [2019-02-21]
Startup: C:\Users\Lukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-11-10]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Lukasz\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-3098152612-1641899179-275015866-1001 -> DefaultScope {67620EA6-9159-443C-A7A1-B5ACC1AA057A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-02-08] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-02-08] (McAfee, Inc. -> McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\mcsniepl64.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files (x86)\mcafee\msc\mcsniepl.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)

FireFox:
========
FF DefaultProfile: 6c5s6x1s.default
FF ProfilePath: C:\Users\Lukasz\AppData\Roaming\Mozilla\Firefox\Profiles\6c5s6x1s.default [2019-04-08]
FF Homepage: Mozilla\Firefox\Profiles\6c5s6x1s.default -> google.pl
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-03-21]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 -> c:\program files\mcafee\msc\npmcsnffpl64.dll [2019-02-15] (McAfee, Inc. -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\program files (x86)\mcafee\msc\npmcsnffpl.dll [2019-02-15] (McAfee, Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [cpaibbcbodhimfnjnakiidgbpiehfgci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cpaibbcbodhimfnjnakiidgbpiehfgci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [726952 2015-09-29] (cFos Software GmbH -> cFos Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11082312 2019-03-28] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-03-29] (Mixbyte Inc -> Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [15744 2019-03-29] (Mixbyte Inc -> Ellora Assets Corp.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [791112 2019-03-16] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7172680 2018-12-20] (GOG Sp. z o.o. -> GOG.com)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17976 2016-09-20] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [515768 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-27] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-08-30] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Killer Network Service; C:\WINDOWS\system32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2483888 2018-07-13] (Rivet Networks LLC -> Rivet Networks)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-02-08] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_18_12\McApExe.exe [745880 2019-01-23] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.160.0\\McCSPServiceHost.exe [2158952 2018-12-17] (McAfee, Inc. -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [371840 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [604216 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [509728 2019-01-15] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1692552 2018-12-19] (McAfee, Inc. -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1360384 2019-02-05] (McAfee, Inc. -> McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4403496 2019-01-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WMI_Hook_Service; C:\Program Files\WMIHook\WMIHookBtnFn\WMI_Hook_Service.exe [166448 2017-01-07] (Micro-Star International CO., LTD. -> MICRO-STAR INT'L,.LTD.)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-12-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 xTendSoftAPService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [72880 2018-07-13] (Rivet Networks LLC -> CloudBees, Inc.)
R2 xTendUtilityService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [72880 2018-07-13] (Rivet Networks LLC -> CloudBees, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-08-04] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77384 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218408 2018-12-24] (McAfee, Inc. -> McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [174600 2017-04-13] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2017-01-14] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [150184 2018-07-13] (Rivet Networks LLC -> Rivet Networks, LLC.)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2018-04-12] (Microsoft Windows -> Qualcomm Atheros, Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-04-08] (Malwarebytes Corporation -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [373808 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86136 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517168 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [981032 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [563728 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2018-04-12] (Microsoft Windows -> Intel Corporation)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R2 WtfEngineDrv; C:\WINDOWS\system32\DRIVERS\WtfEngineDrv.sys [27904 2016-02-01] (Initex -> AAA Internet Publishing, Inc.)
S3 mfeavfk04; \Device\mfeavfk04.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-08 17:54 - 2019-04-08 17:54 - 000023839 _____ C:\Users\Lukasz\Desktop\FRST.txt
2019-04-08 17:54 - 2019-04-08 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-04-08 17:54 - 2019-04-08 17:54 - 000000000 ____D C:\FRST
2019-04-08 17:53 - 2019-04-08 17:53 - 000000734 _____ C:\Users\Lukasz\Desktop\JRT.txt
2019-04-08 17:51 - 2019-04-08 17:51 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-08 17:50 - 2019-04-08 17:51 - 000000000 ____D C:\AdwCleaner
2019-04-08 17:45 - 2019-04-08 17:45 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-08 17:45 - 2019-04-08 17:45 - 000000000 ____D C:\Users\Lukasz\AppData\Local\mbamtray
2019-04-08 17:45 - 2019-04-08 17:45 - 000000000 ____D C:\Users\Lukasz\AppData\Local\mbam
2019-04-08 17:45 - 2019-04-08 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-08 17:45 - 2019-04-08 17:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-08 17:45 - 2019-04-08 17:45 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-08 17:45 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-04-08 17:45 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-04-08 17:44 - 2019-04-08 17:44 - 000159368 _____ C:\Users\Lukasz\Documents\cc_20190408_174428.reg
2019-04-08 17:41 - 2019-04-08 17:42 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-08 17:41 - 2019-04-08 17:41 - 000002890 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-08 17:41 - 2019-04-08 17:41 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-04-08 17:41 - 2019-04-08 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-04-08 17:41 - 2019-04-08 17:41 - 000000000 ____D C:\Program Files\CCleaner
2019-04-08 17:37 - 2019-04-08 17:37 - 002434048 _____ (Farbar) C:\Users\Lukasz\Desktop\FRST64.exe
2019-04-08 17:34 - 2019-04-08 17:34 - 007025360 _____ (Malwarebytes) C:\Users\Lukasz\Desktop\adwcleaner_7.3.exe
2019-04-08 17:34 - 2019-04-08 17:34 - 001790024 _____ (Malwarebytes) C:\Users\Lukasz\Desktop\JRT.exe
2019-04-08 17:31 - 2019-04-08 17:32 - 062632672 _____ (Malwarebytes ) C:\Users\Lukasz\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10037.exe
2019-04-08 17:28 - 2019-04-08 17:29 - 021205512 _____ (Piriform Software Ltd) C:\Users\Lukasz\Desktop\ccsetup555.exe
2019-04-07 06:36 - 2019-04-07 06:36 - 000000000 ___HD C:\$SysReset
2019-04-07 01:03 - 2019-04-07 06:27 - 000000000 ____D C:\Program Files\WinPcap
2019-04-05 21:17 - 2019-04-07 06:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-03-28 00:45 - 2019-03-31 15:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-24 02:08 - 2019-03-24 02:08 - 000001105 _____ C:\Users\Public\Desktop\S.T.A.L.K.E.R. Call of Pripyat.lnk
2019-03-24 02:08 - 2019-03-24 02:08 - 000000000 ____D C:\Users\Lukasz\Documents\Stalker-COP
2019-03-24 02:08 - 2019-03-24 02:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. Call of Pripyat [GOG.com]
2019-03-24 01:39 - 2019-03-24 01:39 - 000001124 _____ C:\Users\Public\Desktop\S.T.A.L.K.E.R. Clear Sky.lnk
2019-03-24 01:39 - 2019-03-24 01:39 - 000000000 ____D C:\Users\Lukasz\Documents\Stalker-STCS
2019-03-24 01:39 - 2019-03-24 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. Clear Sky [GOG.com]
2019-03-24 01:12 - 2019-03-24 01:12 - 000001196 _____ C:\Users\Public\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.lnk
2019-03-24 01:12 - 2019-03-24 01:12 - 000000000 ____D C:\Users\Lukasz\Documents\Stalker-SHOC
2019-03-24 01:12 - 2019-03-24 01:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. Shadow of Chernobyl [GOG.com]
2019-03-24 00:38 - 2019-03-24 00:38 - 000001132 _____ C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk
2019-03-24 00:38 - 2019-03-24 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Risen 3 - Titan Lords Enhanced Edition [GOG.com]
2019-03-23 18:58 - 2019-03-23 18:58 - 000001419 _____ C:\Users\Public\Desktop\Risen 2 - Dark Waters.lnk
2019-03-23 18:58 - 2019-03-23 18:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Risen 2 - Dark Waters [GOG.com]
2019-03-23 18:15 - 2019-03-23 18:15 - 000001355 _____ C:\Users\Public\Desktop\Risen.lnk
2019-03-23 18:15 - 2019-03-23 18:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Risen [GOG.com]
2019-03-23 18:15 - 2019-03-23 18:15 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2019-03-23 18:04 - 2019-03-23 18:04 - 000001371 _____ C:\Users\Public\Desktop\Frostpunk.lnk
2019-03-23 18:04 - 2019-03-23 18:04 - 000000000 ____D C:\Users\Lukasz\AppData\Roaming\11bitstudios
2019-03-23 18:04 - 2019-03-23 18:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Frostpunk [GOG.com]
2019-03-13 02:05 - 2019-03-06 10:03 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 02:05 - 2019-03-06 09:44 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 02:05 - 2019-03-06 09:36 - 022716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 02:05 - 2019-03-06 09:28 - 004937728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-03-13 02:05 - 2019-03-06 07:14 - 006568528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 02:05 - 2019-03-06 06:49 - 004516352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-03-13 02:05 - 2019-02-16 11:24 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-13 02:04 - 2019-03-06 16:39 - 000720536 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 02:04 - 2019-03-06 16:37 - 001616608 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-13 02:04 - 2019-03-06 16:36 - 001047352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-13 02:04 - 2019-03-06 16:20 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-03-13 02:04 - 2019-03-06 16:19 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 02:04 - 2019-03-06 16:17 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 02:04 - 2019-03-06 16:17 - 000810496 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-13 02:04 - 2019-03-06 16:17 - 000116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 02:04 - 2019-03-06 16:14 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 02:04 - 2019-03-06 16:14 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 02:04 - 2019-03-06 16:14 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 02:04 - 2019-03-06 16:13 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 02:04 - 2019-03-06 16:13 - 001856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 02:04 - 2019-03-06 16:13 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 02:04 - 2019-03-06 16:13 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 02:04 - 2019-03-06 16:12 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-13 02:04 - 2019-03-06 13:18 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-13 02:04 - 2019-03-06 13:18 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 02:04 - 2019-03-06 13:10 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 02:04 - 2019-03-06 13:09 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 02:04 - 2019-03-06 13:06 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 02:04 - 2019-03-06 13:05 - 004054016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 02:04 - 2019-03-06 13:05 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 02:04 - 2019-03-06 13:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 02:04 - 2019-03-06 13:04 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 02:04 - 2019-03-06 12:59 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-03-13 02:04 - 2019-03-06 10:29 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 02:04 - 2019-03-06 10:16 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys


2019-03-13 02:04 - 2019-03-06 10:16 - 001457032 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-13 02:04 - 2019-03-06 10:16 - 001188000 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 02:04 - 2019-03-06 10:16 - 000776792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 02:04 - 2019-03-06 10:16 - 000722744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-13 02:04 - 2019-03-06 10:16 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-13 02:04 - 2019-03-06 10:16 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-13 02:04 - 2019-03-06 10:11 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 02:04 - 2019-03-06 10:10 - 000248880 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-03-13 02:04 - 2019-03-06 10:07 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 02:04 - 2019-03-06 10:07 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 02:04 - 2019-03-06 10:07 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 02:04 - 2019-03-06 10:06 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 02:04 - 2019-03-06 10:06 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 02:04 - 2019-03-06 10:06 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-03-13 02:04 - 2019-03-06 10:05 - 000439224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-13 02:04 - 2019-03-06 10:05 - 000436240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 02:04 - 2019-03-06 10:05 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-03-13 02:04 - 2019-03-06 10:04 - 002765856 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 02:04 - 2019-03-06 10:04 - 000945464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 02:04 - 2019-03-06 10:04 - 000628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpx.dll
2019-03-13 02:04 - 2019-03-06 10:03 - 002719544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 02:04 - 2019-03-06 10:03 - 002465784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 02:04 - 2019-03-06 10:03 - 001921848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 02:04 - 2019-03-06 10:03 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-03-13 02:04 - 2019-03-06 10:03 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-03-13 02:04 - 2019-03-06 10:03 - 000375608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 02:04 - 2019-03-06 10:02 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 02:04 - 2019-03-06 10:02 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-13 02:04 - 2019-03-06 10:02 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-13 02:04 - 2019-03-06 10:02 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-13 02:04 - 2019-03-06 10:02 - 000626488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 02:04 - 2019-03-06 09:36 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 02:04 - 2019-03-06 09:34 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 02:04 - 2019-03-06 09:33 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 02:04 - 2019-03-06 09:32 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 02:04 - 2019-03-06 09:32 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 02:04 - 2019-03-06 09:32 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 007598592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 02:04 - 2019-03-06 09:31 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 02:04 - 2019-03-06 09:31 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 02:04 - 2019-03-06 09:31 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-03-13 02:04 - 2019-03-06 09:29 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2019-03-13 02:04 - 2019-03-06 09:29 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 02:04 - 2019-03-06 09:29 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 02:04 - 2019-03-06 09:29 - 000736256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 02:04 - 2019-03-06 09:28 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 02:04 - 2019-03-06 09:27 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 02:04 - 2019-03-06 09:27 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 02:04 - 2019-03-06 09:27 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 02:04 - 2019-03-06 09:27 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 02:04 - 2019-03-06 09:26 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-03-13 02:04 - 2019-03-06 09:26 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 02:04 - 2019-03-06 09:26 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 02:04 - 2019-03-06 09:25 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 02:04 - 2019-03-06 08:08 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-03-13 02:04 - 2019-03-06 07:17 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 02:04 - 2019-03-06 07:17 - 000146712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-03-13 02:04 - 2019-03-06 07:15 - 002253488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 02:04 - 2019-03-06 07:15 - 000434488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 02:04 - 2019-03-06 07:14 - 000785568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 02:04 - 2019-03-06 07:14 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 02:04 - 2019-03-06 07:14 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpx.dll
2019-03-13 02:04 - 2019-03-06 07:14 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 02:04 - 2019-03-06 07:13 - 000607248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-13 02:04 - 2019-03-06 07:05 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 02:04 - 2019-03-06 06:56 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 02:04 - 2019-03-06 06:53 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-03-13 02:04 - 2019-03-06 06:53 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 02:04 - 2019-03-06 06:52 - 005790720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 02:04 - 2019-03-06 06:52 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 02:04 - 2019-03-06 06:52 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 02:04 - 2019-03-06 06:51 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-03-13 02:04 - 2019-03-06 06:51 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 02:04 - 2019-03-06 06:51 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-03-13 02:04 - 2019-03-06 06:50 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 02:04 - 2019-03-06 06:50 - 001347584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2019-03-13 02:04 - 2019-03-06 06:50 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 02:04 - 2019-03-06 06:49 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 02:04 - 2019-03-06 06:49 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-03-13 02:04 - 2019-03-06 06:48 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 02:04 - 2019-03-06 06:48 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 02:04 - 2019-02-21 04:26 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-13 02:04 - 2019-02-16 14:02 - 001644040 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 000808456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 000735752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 000620040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 000460296 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-13 02:04 - 2019-02-16 14:02 - 000147464 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-13 02:04 - 2019-02-16 14:02 - 000071176 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-13 02:04 - 2019-02-16 13:57 - 001048472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-03-13 02:04 - 2019-02-16 13:57 - 000506088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-03-13 02:04 - 2019-02-16 13:56 - 000549520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-03-13 02:04 - 2019-02-16 13:56 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-13 02:04 - 2019-02-16 13:53 - 001516416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-13 02:04 - 2019-02-16 13:36 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-03-13 02:04 - 2019-02-16 13:34 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-13 02:04 - 2019-02-16 13:34 - 001725952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-13 02:04 - 2019-02-16 13:34 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-03-13 02:04 - 2019-02-16 13:33 - 001786880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-13 02:04 - 2019-02-16 13:32 - 003646976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-13 02:04 - 2019-02-16 13:32 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-13 02:04 - 2019-02-16 13:31 - 001271808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-03-13 02:04 - 2019-02-16 13:31 - 001003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-13 02:04 - 2019-02-16 13:31 - 000861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-13 02:04 - 2019-02-16 13:31 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-13 02:04 - 2019-02-16 13:30 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-03-13 02:04 - 2019-02-16 13:30 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2019-03-13 02:04 - 2019-02-16 13:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-03-13 02:04 - 2019-02-16 13:29 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-13 02:04 - 2019-02-16 13:24 - 000444176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-03-13 02:04 - 2019-02-16 13:22 - 001322176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-13 02:04 - 2019-02-16 13:08 - 000373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-03-13 02:04 - 2019-02-16 13:07 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-13 02:04 - 2019-02-16 13:07 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-13 02:04 - 2019-02-16 13:06 - 002890752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-13 02:04 - 2019-02-16 13:06 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-13 02:04 - 2019-02-16 13:06 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-13 02:04 - 2019-02-16 13:06 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-13 02:04 - 2019-02-16 13:06 - 000765952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-13 02:04 - 2019-02-16 13:04 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-13 02:04 - 2019-02-16 11:22 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-03-13 02:04 - 2019-02-16 09:16 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-13 02:04 - 2019-02-16 09:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-13 02:04 - 2019-02-16 09:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-13 02:04 - 2019-02-16 09:05 - 000087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-03-13 02:04 - 2019-02-16 09:04 - 000193032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-03-13 02:04 - 2019-02-16 09:03 - 007901392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-13 02:04 - 2019-02-16 09:03 - 005625360 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-03-13 02:04 - 2019-02-16 09:03 - 000510288 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-03-13 02:04 - 2019-02-16 09:02 - 005821440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-13 02:04 - 2019-02-16 09:02 - 003291632 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-03-13 02:04 - 2019-02-16 09:02 - 001934800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-03-13 02:04 - 2019-02-16 09:02 - 001792712 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-13 02:04 - 2019-02-16 09:02 - 000705848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-03-13 02:04 - 2019-02-16 09:02 - 000432952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-13 02:04 - 2019-02-16 09:02 - 000413712 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 001285424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-13 02:04 - 2019-02-16 09:01 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 001028920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-13 02:04 - 2019-02-16 09:01 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 000735464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 000641984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-13 02:04 - 2019-02-16 09:01 - 000527160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 000480840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 000335672 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-13 02:04 - 2019-02-16 09:01 - 000161664 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2019-03-13 02:04 - 2019-02-16 08:57 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-13 02:04 - 2019-02-16 08:53 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-03-13 02:04 - 2019-02-16 08:51 - 002479168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-03-13 02:04 - 2019-02-16 08:51 - 001584536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-13 02:04 - 2019-02-16 08:51 - 000170952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2019-03-13 02:04 - 2019-02-16 08:50 - 001805648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-13 02:04 - 2019-02-16 08:50 - 001171336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-13 02:04 - 2019-02-16 08:50 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-03-13 02:04 - 2019-02-16 08:50 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-13 02:04 - 2019-02-16 08:50 - 000560384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-13 02:04 - 2019-02-16 08:50 - 000504072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2019-03-13 02:04 - 2019-02-16 08:37 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-13 02:04 - 2019-02-16 08:36 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2019-03-13 02:04 - 2019-02-16 08:36 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-03-13 02:04 - 2019-02-16 08:35 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-13 02:04 - 2019-02-16 08:35 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-13 02:04 - 2019-02-16 08:34 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2019-03-13 02:04 - 2019-02-16 08:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-13 02:04 - 2019-02-16 08:34 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-13 02:04 - 2019-02-16 08:33 - 006646784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-13 02:04 - 2019-02-16 08:33 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-13 02:04 - 2019-02-16 08:33 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-13 02:04 - 2019-02-16 08:33 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-13 02:04 - 2019-02-16 08:33 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-13 02:04 - 2019-02-16 08:33 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-13 02:04 - 2019-02-16 08:32 - 002969088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-13 02:04 - 2019-02-16 08:32 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2019-03-13 02:04 - 2019-02-16 08:31 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-13 02:04 - 2019-02-16 08:31 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-13 02:04 - 2019-02-16 08:31 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-03-13 02:04 - 2019-02-16 08:31 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppLockerCSP.dll
2019-03-13 02:04 - 2019-02-16 08:30 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-13 02:04 - 2019-02-16 08:29 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-13 02:04 - 2019-02-16 08:29 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-03-13 02:04 - 2019-02-16 08:28 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-13 02:04 - 2019-02-16 08:28 - 002585600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-13 02:04 - 2019-02-16 08:28 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-03-13 02:04 - 2019-02-16 08:28 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-13 02:04 - 2019-02-16 08:28 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2019-03-13 02:04 - 2019-02-16 08:28 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-03-13 02:04 - 2019-02-16 08:27 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-13 02:04 - 2019-02-16 08:27 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2019-03-13 02:04 - 2019-02-16 08:27 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-13 02:04 - 2019-02-16 08:26 - 001459712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-03-13 02:04 - 2019-02-16 08:26 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-13 02:04 - 2019-02-16 08:26 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-13 02:04 - 2019-02-16 08:26 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-13 02:04 - 2019-02-16 08:26 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-13 02:04 - 2019-02-16 08:25 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2019-03-13 02:04 - 2019-02-16 08:25 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-03-09 14:44 - 2019-03-09 14:44 - 000000305 _____ C:\Users\Lukasz\Desktop\Metro Exodus Pre-Purchase Extras.url

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-08 17:53 - 2017-06-16 23:08 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-08 17:51 - 2018-05-04 04:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-08 17:51 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-08 17:51 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-08 17:45 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-08 17:43 - 2018-11-10 15:10 - 000000000 ____D C:\Users\Lukasz\AppData\Local\CrashDumps
2019-04-08 17:43 - 2018-05-04 02:43 - 000000000 ___DC C:\WINDOWS\Panther
2019-04-08 17:43 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-08 17:43 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-08 17:39 - 2017-06-17 02:35 - 000000000 ____D C:\Users\Lukasz\AppData\LocalLow\Mozilla
2019-04-08 17:30 - 2018-05-04 04:19 - 002698580 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-08 17:30 - 2018-05-04 03:27 - 000785506 _____ C:\WINDOWS\system32\perfh015.dat
2019-04-08 17:30 - 2018-05-04 03:27 - 000152600 _____ C:\WINDOWS\system32\perfc015.dat
2019-04-08 17:30 - 2018-04-12 17:18 - 000776104 _____ C:\WINDOWS\system32\perfh00A.dat
2019-04-08 17:30 - 2018-04-12 17:18 - 000154976 _____ C:\WINDOWS\system32\perfc00A.dat
2019-04-08 17:24 - 2018-04-18 00:40 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2019-04-08 17:23 - 2018-04-18 00:40 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2019-04-08 04:46 - 2018-05-04 04:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-04-07 17:10 - 2018-05-04 04:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-07 16:25 - 2019-01-15 04:04 - 000001095 _____ C:\Users\Lukasz\Desktop\prod..txt
2019-04-07 06:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-07 06:30 - 2018-05-04 04:15 - 000000000 ____D C:\Users\Lukasz
2019-04-07 06:27 - 2019-03-08 01:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo [GOG.com]
2019-04-07 06:27 - 2018-10-27 14:37 - 000000000 ____D C:\Users\Lukasz\AppData\Roaming\Telegram Desktop
2019-04-07 06:27 - 2018-03-21 02:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gwent [GOG.com]
2019-04-07 06:27 - 2018-03-10 13:58 - 000000000 ____D C:\Users\Lukasz\AppData\Roaming\Battle.net
2019-04-07 06:27 - 2018-01-12 01:50 - 000000000 ____D C:\Program Files\rempl
2019-04-07 06:27 - 2017-12-23 18:02 - 000000000 ____D C:\Users\Lukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2019-04-07 06:27 - 2017-12-23 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2019-04-07 06:27 - 2017-01-14 00:40 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2019-04-07 06:27 - 2016-10-13 16:16 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-04-07 06:20 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-07 06:20 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-04-07 06:19 - 2018-05-04 04:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2019-04-07 06:19 - 2018-04-15 15:05 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-04-07 06:19 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\registration
2019-04-07 06:19 - 2018-03-10 13:58 - 000000000 ____D C:\Users\Lukasz\AppData\Local\Battle.net
2019-04-07 06:19 - 2016-10-13 16:16 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-04-07 06:08 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-07 05:49 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-07 05:48 - 2017-06-16 12:20 - 000000000 ___RD C:\Users\Lukasz\OneDrive
2019-04-07 03:13 - 2017-09-02 22:07 - 000000000 ____D C:\KMPlayer
2019-04-07 01:03 - 2018-05-05 01:29 - 000001400 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2019-04-06 20:16 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-04-05 21:17 - 2016-10-13 16:19 - 000002538 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-04-05 21:17 - 2016-10-13 16:19 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-04-05 21:17 - 2016-10-13 16:19 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-04-05 21:17 - 2016-10-13 16:19 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-04-05 21:17 - 2016-10-13 16:19 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-04-05 21:17 - 2016-10-13 16:19 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-04-05 21:17 - 2016-10-13 16:19 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-04-04 14:49 - 2018-10-24 05:00 - 000001355 _____ C:\Users\Public\Desktop\Gwent.lnk
2019-04-01 14:16 - 2018-05-04 04:19 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3098152612-1641899179-275015866-1001
2019-04-01 14:16 - 2018-05-04 04:15 - 000002407 _____ C:\Users\Lukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-31 15:02 - 2017-06-17 02:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-31 15:02 - 2017-06-16 23:08 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-03-30 13:36 - 2018-07-30 00:14 - 000004256 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1532906091
2019-03-30 13:36 - 2018-07-30 00:14 - 000001409 _____ C:\Users\Lukasz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Przeglądarka Opera.lnk
2019-03-28 13:12 - 2019-03-08 01:39 - 000001359 _____ C:\Users\Public\Desktop\Diablo.lnk
2019-03-28 02:12 - 2017-06-17 02:35 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-26 14:40 - 2019-02-25 01:02 - 000000280 _____ C:\Users\Lukasz\Desktop\Metro Exodus.url
2019-03-26 14:27 - 2019-02-24 19:45 - 000000000 ____D C:\Users\Lukasz\AppData\Local\EpicGamesLauncher
2019-03-24 00:45 - 2018-11-10 15:08 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-03-24 00:45 - 2018-11-10 15:08 - 000001450 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2019-03-24 00:45 - 2017-06-16 23:08 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-03-24 00:45 - 2017-06-16 23:08 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-03-23 18:04 - 2017-01-14 00:27 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-23 18:01 - 2017-06-17 11:06 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2019-03-22 00:26 - 2019-02-24 19:44 - 000000000 ____D C:\ProgramData\Epic
2019-03-18 16:11 - 2018-11-10 15:08 - 002769904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2019-03-18 16:11 - 2018-11-10 15:08 - 002149872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2019-03-18 16:11 - 2018-11-10 15:08 - 001323504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2019-03-18 15:31 - 2018-11-10 15:08 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2019-03-13 12:48 - 2018-05-04 04:14 - 000502936 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-13 12:47 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-03-13 02:04 - 2017-06-17 01:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 02:03 - 2017-06-17 01:52 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-11 17:47 - 2017-06-17 01:49 - 000000000 ____D C:\ProgramData\McAfee

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-04 04:14

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Lukasz (08-04-2019 17:54:53)
Running from C:\Users\Lukasz\Desktop
Windows 10 Home Version 1803 17134.648 (X64) (2018-05-04 03:19:34)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-3098152612-1641899179-275015866-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3098152612-1641899179-275015866-503 - Limited - Disabled)
Invitado (S-1-5-21-3098152612-1641899179-275015866-501 - Limited - Disabled)
Lukasz (S-1-5-21-3098152612-1641899179-275015866-1001 - Administrator - Enabled) => C:\Users\Lukasz
WDAGUtilityAccount (S-1-5-21-3098152612-1641899179-275015866-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Actualización de NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Adobe Reader XI (11.0.23) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alan Wake (HKLM-x32\...\1207659037_is1) (Version: 1.0 Hotfix - GOG.com)
Alan Wake's American Nightmare (HKLM-x32\...\1207659038_is1) (Version: 2.0.0.25 - GOG.com)
ALLPlayer V7.X (HKLM-x32\...\ALLPlayer_is1) (Version:  - ALLPlayer Group, Ltd.)
ApoDispatchConfigurator (HKLM\...\{ECA88E0A-11EB-44FF-97DC-5BBE6233FF98}) (Version: 2.3.401 - Nahimic) Hidden
AudioLaunchpadConfigurator (HKLM\...\{67645A0A-405B-42BC-81FC-9F4AED965286}) (Version: 2.3.401 - Nahimic) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BurnRecovery (HKLM-x32\...\{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application) Hidden
BurnRecovery (HKLM-x32\...\InstallShield_{92A6B009-1343-4C44-AFB1-8849137CA3F0}) (Version: 5.0.1608.1201 - Application)
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
cFosSpeed v10.11 (HKLM\...\cFosSpeed) (Version: 10.11 - cFos Software GmbH, Bonn)
CheckDevicesConfigurator (HKLM\...\{E9CBE803-AABF-4B5F-AAD9-BA4CDD33E065}) (Version: 2.3.401 - Nahimic) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5913.59 - CyberLink Corp.)
Diablo (HKLM-x32\...\1412601690_is1) (Version: 1.09 v6 - GOG.com)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity: Original Sin 2 (HKLM-x32\...\1584823040_is1) (Version: 3.6.37.7694 - GOG.com)
Divinity: Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.0.119.430 CN update - GOG.com)
Dragon Eye(x64) (HKLM\...\{B746827A-3219-4EF8-8053-CEA5AEC12D33}) (Version: 0.0.2.3 - MSI) Hidden
Dragon Eye(x64) (HKLM-x32\...\Installshield_{B746827A-3219-4EF8-8053-CEA5AEC12D33}) (Version: 0.0.2.3 - MICRO-STAR INT'L,.LTD.)
Dying Light (HKLM-x32\...\1448452156_is1) (Version: 1.16.0 CD - GOG.com)
Dying Light: Gun Psycho Bundle (HKLM-x32\...\1460996021_is1) (Version: 1.16.0 CD - GOG.com)
Dying Light: Harran Ranger Bundle (HKLM-x32\...\1460996196_is1) (Version: 1.16.0 CD - GOG.com)
Dying Light: Volatile Hunter Bundle (HKLM-x32\...\1460996282_is1) (Version: 1.16.0 CD - GOG.com)
ELEX (HKLM-x32\...\1885888793_is1) (Version: 1.0.2955.0 - GOG.com)
Epic Games Launcher (HKLM-x32\...\{22A26D81-71D4-4C3E-8ECE-58AB8A92CB48}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Freemake Video Converter wersja 4.1.10 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.10 - Mixbyte Inc.)
Frostpunk (HKLM-x32\...\1648559910_is1) (Version: 1.3.3.42665.45362 (2019-02-08 15:16) - GOG.com)
Gaming Center(x64) (HKLM\...\{551A2B0B-32DC-4CDC-BCEF-1E2FCE0557E7}) (Version: 0.0.1.52 - MSI) Hidden
Gaming Center(x64) (HKLM-x32\...\Installshield_{551A2B0B-32DC-4CDC-BCEF-1E2FCE0557E7}) (Version: 0.0.1.52 - MICRO-STAR INT'L,.LTD.)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version:  - GOG.com)
GOG.com Gothic 2 (HKLM\...\{5fa21179-8540-43e2-b790-5f59435828c5}.sdb) (Version:  - )
GOG.com Risen (HKLM\...\{389384c4-37c5-440b-8196-2917b852cac7}.sdb) (Version:  - )
Gothic (HKLM-x32\...\1207658682_is1) (Version: 1.08k Hotfix - GOG.com)
Gothic 2 Gold (HKLM-x32\...\1207658718_is1) (Version: 2.7 - GOG.com)
Gothic 3 (HKLM-x32\...\1207658986_is1) (Version: 1.75.14l - GOG.com)
Gwent (HKLM-x32\...\1971477531_is1) (Version: 2.0.1 - GOG.com)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\1207658787_is1) (Version: 4.0 (3.2) - GOG.com)
HoMM III Compatibility Database (HKLM\...\{62a24b39-0106-4990-90ea-3a09e9dda7a6}.sdb) (Version:  - )
Intel(R) Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4526 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{25779f5d-6b0a-4e11-89e8-441b93c6ce2b}) (Version: 19.10.0 - Intel Corporation)
Kingdom Come: Deliverance – Band of Bastards (HKLM-x32\...\1957357825_is1) (Version: 1.8.2-247j - GOG.com)
Kingdom Come: Deliverance – From the Ashes (HKLM-x32\...\1201995925_is1) (Version: 1.8.2-247j - GOG.com)
Kingdom Come: Deliverance - HD Sound Pack (HKLM-x32\...\1929089326_is1) (Version: 1.8.2-247j - GOG.com)
Kingdom Come: Deliverance - HD Texture Pack (HKLM-x32\...\1597510471_is1) (Version: 1.8.2-247j - GOG.com)
Kingdom Come: Deliverance – The Amorous Adventures of Bold Sir Hans Capon (HKLM-x32\...\1336069439_is1) (Version: 1.8.2-247j - GOG.com)
Kingdom Come: Deliverance (HKLM-x32\...\1719198803_is1) (Version: 1.8.2-247j - GOG.com)
Kingdom Come: Deliverance Treasures of the Past DLC (HKLM-x32\...\1300320746_is1) (Version: 1.8.2-247j - GOG.com)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.1.4 - PandoraTV)
L.A. Noire PL [BDIP] wersja 1.01 (HKLM-x32\...\{C863E3ED-F40F-411B-925D-87824CC81DCF}_is1) (Version: 1.01 - BDIP)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LauncherSetup (HKLM\...\{287BF839-EF88-48B8-91FA-0E1D5DB9CADC}) (Version: 2.3.401 - Nahimic) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R18 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.29 - McAfee, Inc.)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Metro - Last Light Redux (HKLM-x32\...\1430740172_is1) (Version: 2.0.0.2 - GOG.com)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office 365 - es-es (HKLM\...\O365HomePremRetail - es-es) (Version: 16.0.11425.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 66.0.2 (x64 pl)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0 - Mozilla)
MSI Gaming Lan Manager (HKLM-x32\...\{3318282C-D4D6-4B29-BBD5-95FC34B54FF0}_is1) (Version: 1.0.0.33 - MSI)
MSI Remind Manager (HKLM-x32\...\{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.10.1612.2301 - Micro-Star International Co., Ltd.) Hidden
MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.10.1612.2301 - Micro-Star International Co., Ltd.)
Nahimic 2 (HKLM-x32\...\{c08f0f33-d922-410b-b674-281f192d4052}) (Version: 2.3.4 - Nahimic)
Nahimic2UISetup (HKLM\...\{24A02DEB-5DA6-49C0-8395-3F3797FFA40A}) (Version: 2.3.401 - Nahimic) Hidden
NahimicSettingsConfigurator (HKLM\...\{B5D13207-B1FF-4E37-B7D5-4EFF06385D2A}) (Version: 2.3.401 - Nahimic) Hidden
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Controlador de audio HD 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Panel de control de NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity II: Deadfire - Explorer's Pack - Pet Cosmo (HKLM-x32\...\2077656881_is1) (Version: v4.1.2.0047 - GOG.com)
Pillars of Eternity II: Deadfire - Explorer's Pack - Tricorn Hat (HKLM-x32\...\1399818689_is1) (Version: v4.1.2.0047 - GOG.com)
Pillars of Eternity II: Deadfire - Seeker, Slayer, Survivor (HKLM-x32\...\1998155087_is1) (Version: v4.1.2.0047 - GOG.com)
Pillars of Eternity II: Deadfire - The Beast of Winter (HKLM-x32\...\1962809988_is1) (Version: v4.1.2.0047 - GOG.com)
Pillars of Eternity II: Deadfire - The Forgotten Sanctum (HKLM-x32\...\1877382801_is1) (Version: v4.1.2.0047 - GOG.com)
Pillars of Eternity II: Deadfire (HKLM-x32\...\1788509829_is1) (Version: v4.1.2.0047 - GOG.com)
Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\1207666843_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity: Deadfire Pack (HKLM-x32\...\1577585691_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity: The White March - Part 1 (HKLM-x32\...\1439895308_is1) (Version: 3.07.0.1318 - GOG.com)
Pillars of Eternity: The White March - Part 2 (HKLM-x32\...\1439897569_is1) (Version: 3.07.0.1318 - GOG.com)
ProductDaemonSetup (HKLM\...\{EBC20037-CF55-4624-BBFC-B5D96DE13A71}) (Version: 2.3.401 - Nahimic) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Risen (HKLM-x32\...\1207663153_is1) (Version: 1.0 - GOG.com)
Risen 2 - Dark Waters (HKLM-x32\...\1207663193_is1) (Version: 1.0 - GOG.com)
Risen 2 Gold Edition (HKLM-x32\...\1207664183_is1) (Version: 1.0 - GOG.com)
Risen 3 - Titan Lords Complete (HKLM-x32\...\Risen 3 - Titan Lords Complete_is1) (Version: 2.0.0.3 - GOG.com)
Risen 3 - Titan Lords Enhanced Edition (HKLM-x32\...\1454068042_is1) (Version: 2.0.0.3 - GOG.com)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
S.T.A.L.K.E.R. Call of Pripyat (HKLM-x32\...\1207660583_is1) (Version: 2.1.0.17 - GOG.com)
S.T.A.L.K.E.R. Clear Sky (HKLM-x32\...\1207660603_is1) (Version: 2.1.0.10 - GOG.com)
S.T.A.L.K.E.R. Shadow of Chernobyl (HKLM-x32\...\1207660573_is1) (Version: 2.1.0.9 - GOG.com)
SonicMapperConfigurator (HKLM\...\{5E17C6AD-F1AD-4668-9708-266570322E53}) (Version: 2.3.401 - Nahimic) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Telegram Desktop version 1.6.3 (HKU\S-1-5-21-3098152612-1641899179-275015866-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.6.3 - Telegram Messenger LLP)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\1207658930_is1) (Version: 3.5.0.26 - GOG.com)
The Witcher 3: Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.32 - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Thronebreaker (HKLM-x32\...\1297352383_is1) (Version: 1.1 - GOG.com)
UIInstallUpgrade (HKLM\...\{2ABFC8B8-113D-4C1C-830C-955212B6E89A}) (Version: 2.3.401 - Nahimic) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WTFast 4.0 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.0.7.692 - Initex & AAA Internet Publishing)
XSplit Gamecaster (HKLM-x32\...\{D3C9DBAA-5395-4971-A962-553C7DBEA423}) (Version: 2.8.1605.2355 - SplitmediaLabs)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3098152612-1641899179-275015866-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3098152612-1641899179-275015866-1001_Classes\CLSID\{3DF2D8A8-0E9D-4DA7-8303-E555E5A9249C} -> [MEGAsync] => C:\Users\Lukasz\Documents\MEGAsync [2018-11-10 16:54]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Lukasz\AppData\Local\MEGAsync\ShellExtX64.dll [2019-02-19] (Mega Limited -> )
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\program files\mcafee\msc\mcctxmenufrmwrk.dll [2019-02-15] (McAfee, Inc. -> McAfee, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045B6D61-69D9-46AC-A88B-64ABD174C907} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {0B462297-A965-43C6-BF1C-C1A0379A3CAA} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {11A76A1A-BC65-4E68-B2AA-6FE67E494637} - System32\Tasks\MSI LEDBar Controller => C:\Program Files\WMIHook\WMIHookBtnFn\meSIOCtrl.exe (Micro-Star International CO., LTD. -> MICRO-STAR INT'L,.LTD.)
Task: {11CE4C84-2053-4DD3-B7CF-7F51136CC4BB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {16A6850B-7AA0-4620-9D8F-47372C1A580A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1CB8558E-9CC6-4947-B200-B12AECA70BE4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1F6E17C2-6258-4145-83C9-78B6AE530C2C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24824876-BCA9-4A63-B62D-D082B68BA0A4} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe (McAfee, Inc. -> McAfee, Inc.)
Task: {2C0BA923-B4B6-4F32-A980-367FE91EE820} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.7.382\mcdatrep.exe (McAfee, Inc. -> McAfee, LLC.)
Task: {3444A0CF-7D82-4BB0-B8F3-05B38D996CED} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {40832861-BAA9-4366-AADD-24B38B2DBC5A} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {41D690F1-6C7B-4F1D-BD69-0240CD7FD702} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6B1DA3FD-30C9-4468-A302-480189FF2CF1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {758D8F92-E401-4343-B548-A12EF83B160D} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {84F35181-5393-423C-ADBD-F1CB7016E5ED} - System32\Tasks\Nahimic2Svc32Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2Svc32.exe (A-Volute -> )
Task: {851BF51C-7DC1-4BAB-A41B-3B56F9745457} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3098152612-1641899179-275015866-1001 => C:\Users\Lukasz\AppData\Local\MEGAsync\MEGAupdater.exe (Mega Limited -> Mega Limited)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {87F02CEF-9119-4435-8443-DBBDE06E3CAC} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {8903407A-C8D5-45C1-B0E0-A8BA39EB9152} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8BC333DF-7743-4A8E-B932-21BF36626D66} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {8EB27E9D-D826-4DEC-B340-8C325694EEE0} - System32\Tasks\Nahimic2UILauncherRun => C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe (A-Volute -> )
Task: {9587949A-7681-4282-9C76-D2969EC591C4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9F5B63AC-5D03-4D19-B9DE-91D632AB8297} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {A48C3915-D08C-4E9B-AFF1-5E7CFA9A6093} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AA2FA869-CD3A-4341-AA0E-830E12EF5045} - System32\Tasks\Opera scheduled Autoupdate 1532906091 => C:\Users\Lukasz\AppData\Local\Programs\Opera\launcher.exe (Opera Software AS -> Opera Software)
Task: {AAFAC1D2-252E-4693-8A10-4107FA46EDB6} - System32\Tasks\Nahimic2Svc64Run => C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2Svc64.exe (A-Volute -> )
Task: {CCFF89AF-5C73-4B81-9AEA-AEF173BE419C} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0D76A0F-9195-4D77-B5B2-DD97C1EFE84A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DAA53661-C4E1-4D6E-A700-AAF0CE36047C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9EC3137-564D-4EED-BCAD-B95D29B081A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {E9F9AE63-E2FD-4594-B450-504DD1951FAA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F0690040-FA0B-4220-B32C-D460C36A44A6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F780220D-14DA-4239-9771-CE3017991197} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F9584802-BB4F-426E-BDF1-CEFB55DAA91E} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (CyberLink Corp. -> CyberLink Corp.)
Task: {FBFC6C0F-C4D7-4BBA-BB0C-4F2EFB77F604} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-04 04:14 - 2017-10-27 17:06 - 000874368 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2018-05-04 04:15 - 2017-10-27 17:06 - 000339256 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-08 17:45 - 2019-03-13 09:22 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3098152612-1641899179-275015866-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\System32\oobe\info\Wallpaper\backgroundDefault.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{957F0C54-6595-45D4-8BAD-03995450A704}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{20E85C00-405C-4EAA-B0FE-5BECF4A371F1}] => (Allow) D:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{202BF3DF-5550-47E2-872E-25A1E131F8C9}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{48E3C63C-3923-4D01-9E9B-4D7CA5032BDF}] => (Allow) D:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================

28-03-2019 13:11:58 Instalador de Módulos de Windows
05-04-2019 21:06:09 Windows Update
07-04-2019 05:32:46 Operación de restauración
08-04-2019 17:52:33 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2019 09:52:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa SearchUI.exe, versión 10.0.17134.648, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 3708

Hora de inicio: 01d4ed83c760cbae

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

Identificador de informe: 7b11cc52-e31a-4b7b-819c-edd820a4a081

Nombre completo de paquete con errores: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy

Identificador de aplicación relativa del paquete con errores: CortanaUI

Error: (04/07/2019 05:16:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa EpicGamesLauncher.exe, versión 9.11.2.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 9e8

Hora de inicio: 01d4ed5c8bd1f005

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe

Identificador de informe: 0ed8bea4-39b3-42a6-8283-92727d84c6d8

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (04/07/2019 04:46:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa EpicGamesLauncher.exe, versión 9.11.2.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 3584

Hora de inicio: 01d4ed5810f7d5fc

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe

Identificador de informe: 76197947-e375-4f20-b541-0a3792a5c668

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (04/07/2019 04:44:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: explorer.exe, versión: 10.0.17134.165, marca de tiempo: 0x4031a9f8
Nombre del módulo con errores: SHELL32.dll, versión: 10.0.17134.441, marca de tiempo: 0x5cbab8c4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000093eb4
Identificador del proceso con errores: 0x232c
Hora de inicio de la aplicación con errores: 0x01d4ed58be24ff79
Ruta de acceso de la aplicación con errores: C:\WINDOWS\explorer.exe
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\SHELL32.dll
Identificador del informe: cd43f4df-fc7a-42d0-83d2-a2f375cd1a46
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (04/07/2019 04:44:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nombre de la aplicación con errores: Explorer.EXE, versión: 10.0.17134.165, marca de tiempo: 0x4031a9f8
Nombre del módulo con errores: SHELL32.dll, versión: 10.0.17134.441, marca de tiempo: 0x5cbab8c4
Código de excepción: 0xc0000005
Desplazamiento de errores: 0x0000000000093eb4
Identificador del proceso con errores: 0x3504
Hora de inicio de la aplicación con errores: 0x01d4ed50e09efd22
Ruta de acceso de la aplicación con errores: C:\WINDOWS\Explorer.EXE
Ruta de acceso del módulo con errores: C:\WINDOWS\System32\SHELL32.dll
Identificador del informe: d1572d6c-a8a9-4b40-a740-830fe1e5d678
Nombre completo del paquete con errores: 
Identificador de aplicación relativa del paquete con errores:

Error: (04/07/2019 06:51:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: El programa EpicGamesLauncher.exe, versión 9.11.2.0, dejó de interactuar con Windows y se cerró. Para ver si hay más información disponible acerca del problema, comprueba el historial de problemas en la sección Seguridad y mantenimiento del Panel de control.

Identificador de proceso: 3b14

Hora de inicio: 01d4ed0539be79ea

Hora de finalización: 4294967295

Ruta de la aplicación: C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe

Identificador de informe: 30cea80c-1a55-442c-bb68-5060ff1122af

Nombre completo de paquete con errores: 

Identificador de aplicación relativa del paquete con errores:

Error: (04/07/2019 05:43:21 AM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014

Error: (04/07/2019 05:42:38 AM) (Source: AVLogEvent) (EventID: 5005) (User: NT AUTHORITY)
Description: Content is missing.
Error Code:a7f42014


System errors:
=============
Error: (04/08/2019 05:52:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA LocalSystem Container terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 6000 milisegundos: Reiniciar el servicio.

Error: (04/08/2019 05:52:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: El servicio NVIDIA Display Container LS terminó inesperadamente. Esto se ha repetido 1 veces. Se realizará la siguiente acción correctora en 1000 milisegundos: Reiniciar el servicio.

Error: (04/08/2019 05:52:06 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-BBAM3MO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario DESKTOP-BBAM3MO\Lukasz con SID (S-1-5-21-3098152612-1641899179-275015866-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2019 05:52:05 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Iniciar Local para la aplicación de servidor COM con CLSID 
Windows.SecurityCenter.WscBrokerManager
 y APPID 
No disponible
 al usuario NT AUTHORITY\SYSTEM con SID (S-1-5-18) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2019 05:51:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2019 05:51:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 y APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 al usuario NT AUTHORITY\SERVICIO LOCAL con SID (S-1-5-19) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (04/08/2019 05:51:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: El servicio xTendSoftAPService se terminó de manera inesperada. Esto ha sucedido 1 veces.

Error: (04/08/2019 05:51:25 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN se detuvo inesperadamente.

Ruta de acceso del módulo: C:\WINDOWS\System32\IWMSSvc.dll


Windows Defender:
===================================
Date: 2019-02-02 01:57:48.301
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.245.977.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: NT AUTHORITY\SYSTEM
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.13902.0
Kod błędu: 0x80072f8f
Opis błędu: Error de seguridad 

Date: 2019-01-18 14:42:33.727
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.245.977.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: NT AUTHORITY\Servicio de red
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.13902.0
Kod błędu: 0x80072ee7
Opis błędu: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-18 14:42:33.726
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.245.977.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antyszpiegowskie
Typ aktualizacji: Pełne
Użytkownik: NT AUTHORITY\Servicio de red
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.13902.0
Kod błędu: 0x80072ee7
Opis błędu: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-18 14:42:33.726
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.245.977.0
Źródło aktualizacji: Centrum firmy Microsoft ds. ochrony przed złośliwym oprogramowaniem
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: NT AUTHORITY\Servicio de red
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.13902.0
Kod błędu: 0x80072ee7
Opis błędu: No se pudo resolver el nombre de servidor o su dirección 

Date: 2019-01-18 14:42:33.625
Description: 
Produkt Program antywirusowy Windows Defender napotkał błąd podczas próby aktualizacji podpisów.
Nowa wersja podpisu: 
Poprzednia wersja podpisu: 1.245.977.0
Źródło aktualizacji: Serwer usługi Microsoft Update
Typ podpisu: Oprogramowanie antywirusowe
Typ aktualizacji: Pełne
Użytkownik: NT AUTHORITY\SYSTEM
Bieżąca wersja aparatu: 
Poprzednia wersja aparatu: 1.1.13902.0
Kod błędu: 0x8024402c
Opis błędu: Se produjo un problema inesperado mientras se buscaban actualizaciones. Para obtener más información sobre cómo instalar o solucionar problemas en las actualizaciones, consulte Ayuda y soporte técnico. 

CodeIntegrity:
===================================

Date: 2019-04-04 01:21:13.580
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-04 01:21:13.579
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-04 01:21:10.508
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-04-04 01:21:10.505
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2019-03-24 00:44:22.841
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Store signing level requirements.

Date: 2019-03-24 00:44:22.837
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Store signing level requirements.

Date: 2019-03-24 00:44:22.594
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2DevProps.dll that did not meet the Microsoft signing level requirements.

Date: 2019-03-24 00:44:22.592
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume5\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2OSD.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 27%
Total physical RAM: 16329.87 MB
Available physical RAM: 11888.8 MB
Total Virtual: 21961.87 MB
Available Virtual: 16460.38 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.47 GB) (Free:62.44 GB) NTFS
Drive d: (Data) (Fixed) (Total:1844.74 GB) (Free:105.63 GB) NTFS

\\?\Volume{c12f1c47-21bf-4a1b-a16f-4efe6dec124c}\ (WINRE) (Fixed) (Total:0.78 GB) (Free:0.39 GB) NTFS
\\?\Volume{d6ec4a5b-c6f2-4197-ae49-b02d3a9b1871}\ (BIOS_RVY) (Fixed) (Total:18.27 GB) (Free:0.66 GB) NTFS
\\?\Volume{850a6151-ff12-4b5c-85a3-162bef6273d4}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 17446FF8)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 17446F1A)

Partition: GPT.

==================== End of Addition.txt ============================

Y aquí la ventana que emergió despúes de reiniciar el windows al acabar todos los análisis:

Otra vez muchas gracias por tu ayuda, de momento todo parece funcionar perfectamente.

Hola… Perfecto. :+1:

Y le diste a permitir o rechazaste esa petición/control del Firewall de Windows.??

Le di a permitir acceso, pero cambie a redes privadas.

Bien… y ahora sigue estos pasos, :arrow_forward: MUY Importante :arrow_backward: Realiza una copia de seguridad del registro :

  • Para hacerlo descarga :arrow_forward: DelFix.exe(en tu escritorio).

  • Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

  • Atención, ahora marca/selecciona únicamente la casilla :white_check_mark: Create registry backup, las demás casillas NO. :face_with_monocle:

  • Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

:warning: Con los demás programas cerrados ve a :arrow_forward: Inicio :arrow_forward: Ejecutar :arrow_forward: y escribe Notepad.exe.

  • Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
BootExecute: autocheck autochk * sdnclean64.exe
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
CHR HKLM\...\Chrome\Extension: [cpaibbcbodhimfnjnakiidgbpiehfgci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cpaibbcbodhimfnjnakiidgbpiehfgci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
S3 mfeavfk04; \Device\mfeavfk04.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio :arrow_backward: Esto es muy importante.

:o: Nota :o: Es importante que la herramienta FRST.exe(Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

Y ahora usa el 2º MÉTODO: de esta Faq de Windows 8(aplicable a Windows 10) :arrow_forward: ¿Cómo iniciar Windows 8/8.1 en Modo Seguro?, para trabajar desde ese modo de windows.

  • Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).

  • Presionar el botón FIX y aguardar a que termine.

  • La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pegar el contenido de este fichero en tu próxima respuesta. :+1:

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Saludos.

Hola. Aprovecho esta introdución para darte otra vez las gracias por tu tiempo invertido en mi problema, y afirmo que desde ayer todo funciona perfectamente. Te mando el contenido del fichero que pedías, y como ya he dicho, desde ayer no tuve ningún problema, y después de usar el Script todo sige funcionando perfectamente, no encuentro ningún problema. Páginas WEB se cargan rápidamente, Epic Launcher funciona bien, otros launcher también. Gracias!


Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Lukasz (09-04-2019 14:03:35) Run:1
Running from C:\Users\Lukasz\Desktop
Loaded Profiles: Lukasz (Available Profiles: Lukasz)
Boot Mode: Normal
==============================================

fixlist content:
*****************
START
CREATERESTOREPOINT:
CLOSEPROCESSES:
BootExecute: autocheck autochk * sdnclean64.exe
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
CHR HKLM\...\Chrome\Extension: [cpaibbcbodhimfnjnakiidgbpiehfgci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cpaibbcbodhimfnjnakiidgbpiehfgci] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
S3 mfeavfk04; \Device\mfeavfk04.sys [X]
HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\SOFTWARE\Google\Chrome\Extensions\cpaibbcbodhimfnjnakiidgbpiehfgci => removed successfully
HKLM\SOFTWARE\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cpaibbcbodhimfnjnakiidgbpiehfgci => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho => removed successfully
HKLM\System\CurrentControlSet\Services\mfeavfk04 => removed successfully
mfeavfk04 => service removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-3098152612-1641899179-275015866-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-3098152612-1641899179-275015866-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci˘ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci˘n IP de Windows

No se puede realizar ninguna operaci˘n en Wi-Fi mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci˘n en Conexi˘n de  rea local* 11 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci˘n en Conexi˘n de  rea local* 13 mientras los medios
est‚n desconectados.
No se puede realizar ninguna operaci˘n en Conexi˘n de red Bluetooth mientras los medios
est‚n desconectados.

Adaptador de LAN inal mbrica Wi-Fi:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS especˇfico para la conexi˘n. . : 

Adaptador de LAN inal mbrica Conexi˘n de  rea local* 11:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS especˇfico para la conexi˘n. . : 

Adaptador de LAN inal mbrica Conexi˘n de  rea local* 13:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS especˇfico para la conexi˘n. . : 

Adaptador de Ethernet Ethernet:

   Sufijo DNS especˇfico para la conexi˘n. . : 
   Vˇnculo: direcci˘n IPv6 local. . . : fe80::e884:c932:ed42:7e81%8
   Direcci˘n IPv4. . . . . . . . . . . . . . : 192.168.1.101
   M scara de subred . . . . . . . . . . . . : 255.255.255.0
   Puerta de enlace predeterminada . . . . . : 192.168.1.1

Adaptador de Ethernet Conexi˘n de red Bluetooth:

   Estado de los medios. . . . . . . . . . . : medios desconectados
   Sufijo DNS especˇfico para la conexi˘n. . : 

========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci˘n IP de Windows

Se vaci˘ correctamente la cach‚ de resoluci˘n de DNS.

========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to cancel {1229C266-8573-4FF3-98DE-49E363F9187C}.
{F3119DDF-C44B-43A2-911F-2C147009214F} canceled.
1 out of 2 jobs canceled.

========= End of CMD: =========


========= netsh advfirewall reset =========

Aceptar


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========

Aceptar


========= End of CMD: =========


========= netsh int ipv4 reset =========

Reenvˇo de compartimiento se restableci˘ correctamente.
Compartimiento se restableci˘ correctamente.
Protocolo de control se restableci˘ correctamente.
Solicitud de secuencia eco se restableci˘ correctamente.
Global se restableci˘ correctamente.
Interfaz se restableci˘ correctamente.
Direcci˘n de difusi˘n por proximidad (a se restableci˘ correctamente.
Direcciones de multidifusi˘n se restableci˘ correctamente.
Direcci˘n de unidifusi˘n se restableci˘ correctamente.
Vecino se restableci˘ correctamente.
Ruta de acceso se restableci˘ correctamente.
Posible se restableci˘ correctamente.
Directiva de prefijo se restableci˘ correctamente.
Vecino de proxy se restableci˘ correctamente.
Ruta se restableci˘ correctamente.
Prefijo de sitio se restableci˘ correctamente.
Subinterfaz se restableci˘ correctamente.
Patr˘n de reactivaci˘n se restableci˘ correctamente.
Resolver vecino se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
Reinicie el equipo para completar esta acci˘n.


========= End of CMD: =========


========= netsh int ipv6 reset =========

Reenvˇo de compartimiento se restableci˘ correctamente.
Compartimiento se restableci˘ correctamente.
Protocolo de control se restableci˘ correctamente.
Solicitud de secuencia eco se restableci˘ correctamente.
Global se restableci˘ correctamente.
Interfaz se restableci˘ correctamente.
Direcci˘n de difusi˘n por proximidad (a se restableci˘ correctamente.
Direcciones de multidifusi˘n se restableci˘ correctamente.
Direcci˘n de unidifusi˘n se restableci˘ correctamente.
Vecino se restableci˘ correctamente.
Ruta de acceso se restableci˘ correctamente.
Posible se restableci˘ correctamente.
Directiva de prefijo se restableci˘ correctamente.
Vecino de proxy se restableci˘ correctamente.
Ruta se restableci˘ correctamente.
Prefijo de sitio se restableci˘ correctamente.
Subinterfaz se restableci˘ correctamente.
Patr˘n de reactivaci˘n se restableci˘ correctamente.
Resolver vecino se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
Error al restablecer .
Acceso denegado.

 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
 se restableci˘ correctamente.
Reinicie el equipo para completar esta acci˘n.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74866008 B
Java, Flash, Steam htmlcache => 368447182 B
Windows/system/drivers => 522595 B
Edge => 159762 B
Chrome => 0 B
Firefox => 1102256318 B
Opera => 199552 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 3589824 B
systemprofile32 => 0 B
LocalService => 2732 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Lukasz => 28978963 B

RecycleBin => 0 B
EmptyTemp: => 1.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:04:16 ====

Perfecto @Bobek90 :+1: excelente, nos alegra ver que ya está el problema inicial completamente arreglado, ahora solo queda eliminar las herramientas usadas.

Para hacerlo descarga :arrow_forward: DelFix.exe en tu escritorio.

  • Doble clic para ejecutarlo. (Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona - Ejecutar como Administrador -).

  • Marca todas las casillas, y pulsas en Run

Se abrirá el informe (DelFix.txt), puedes cerrarlo.


Para cualquier otro problema, no dudes en volver a postear., ya sabes dónde estamos. :+1:

Tema Solucionado.

Saludos, Javier.