Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

zpomalený a zasekávající se notebook

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

zpomalený a zasekávající se notebook

#1 Příspěvek od neummi »

Zdravím,

poslední dobou se mi začal značně zpomalovat notebook a včera se začal notebook i zasekávat. Z ničeho nic přestane reagovat (nemohou spouštět další aplikace, stránky se přestanou načítat) ovšem je divné, že kurzor funguje a mohu se přepínat mezi prohlížeči - opera, chrome, firefox a dokonce otevírat nové listy, ale stránky se nenačtou). Tento zásek trvá cca 10 minut a pak mohu opět normálně pracovat, ale po nějaké době se situace opakuje. Bohužel restart problém nevyřeší. Problému nepředcházela žádná instalace HW ani SW.

Předem děkuji za kontrolu a případné rady :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Milan (administrator) on MILAN-PC (15-10-2018 21:21:02)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
() C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
() C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
() C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Opera Software) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-16] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-16] (Synaptics)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-05-21] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-05-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2012-05-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-31] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-12] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Intelligent Touchpad] => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [556136 2017-08-02] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [403048 2017-08-02] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Run: [Dropbox Update] => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd)
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6ad-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6b6-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {8dcea8a8-8bf3-11e8-95cf-dc0ea1ee44c1} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {e5b1ffeb-3d7b-11e6-9499-dc0ea1ee44c1} - E:\Startme.exe
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2017-04-01] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2017-11-12]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk [2018-10-15]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{7FEB627C-699F-4046-9FB7-07B4A09F8FF0}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{C7CC11B7-7E4D-4720-86A4-3351F97F3D3A}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://site05.remoteoffice.europe.citigroup.com/dana-na/auth/url_default/welcome.cgi
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393 [2018-10-15]
FF Homepage: Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393 -> www.google.cz
FF Extension: (Avast SafePrice) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393\Extensions\sp@avast.com.xpi [2018-06-24]
FF Extension: (Avast Online Security) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393\Extensions\wrc@avast.com.xpi [2018-10-11]
FF Extension: (Telemetry coverage) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393\features\{afe1aad0-7f59-437e-b8d7-cf83d7b14beb}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-12] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-11-22] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-08-02] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-06-28] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2018-10-15]
CHR Extension: (Dokumenty) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-28]

Opera:
=======
OPR Extension: (Install Chrome Extensions) - C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-08-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-31] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-31] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-06] ()
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-15] (EasyAntiCheat Ltd)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-09] (Nero AG) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3071632 2014-05-06] (INCA Internet Co., Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-06-08] (Geek Software GmbH)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23920 2017-12-12] ()
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [199712 2018-08-31] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229384 2018-08-31] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201320 2018-08-31] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-08-31] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59568 2018-08-31] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [249016 2018-08-31] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111864 2018-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87904 2018-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-08-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381560 2018-08-31] (AVAST Software)
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [593024 2010-11-25] (AVerMedia TECHNOLOGIES, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-09] (DT Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-03] (REALiX(tm))
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Intel(R) Corporation) [File not signed]
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo Corporation")
R1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-04-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-15 21:21 - 2018-10-15 21:38 - 000029957 _____ C:\Users\Milan\Desktop\FRST.txt
2018-10-15 21:20 - 2018-10-15 21:21 - 000000000 ____D C:\FRST
2018-10-15 21:19 - 2018-10-15 21:19 - 002414592 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2018-10-15 21:16 - 2018-10-15 21:16 - 000003340 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-596090282-1410466437-1780385450-1001
2018-10-15 21:16 - 2018-10-15 21:16 - 000003206 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-596090282-1410466437-1780385450-1001
2018-10-11 10:09 - 2018-10-11 10:09 - 004504089 _____ C:\Users\Milan\Desktop\CrystalDiskInfo7_8_0.zip
2018-10-11 09:53 - 2018-10-11 09:53 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-02 21:52 - 2018-10-02 21:52 - 000087003 _____ C:\Users\Milan\Desktop\Klientské centrum _ MALL.CZ.pdf
2018-10-02 21:30 - 2018-10-02 21:30 - 000032914 _____ C:\Users\Milan\Desktop\priloha1.PDF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-15 21:19 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-15 21:19 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-15 21:15 - 2018-04-12 00:01 - 000000000 ____D C:\Users\Milan\AppData\Local\AVAST Software
2018-10-15 21:15 - 2015-07-02 00:48 - 000000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001UA.job
2018-10-15 21:12 - 2012-05-21 07:19 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-15 21:10 - 2015-07-02 00:48 - 000000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001Core.job
2018-10-15 21:10 - 2014-08-31 12:03 - 000437575 _____ C:\Windows\system32\fastboot.set
2018-10-15 21:10 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-15 21:09 - 2016-11-16 00:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-15 21:09 - 2012-06-28 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-15 20:56 - 2016-11-17 09:42 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2018-10-14 22:19 - 2012-05-21 06:59 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-10-14 22:19 - 2012-05-21 06:59 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-10-14 22:19 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-14 22:19 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-10-14 22:13 - 2017-03-10 15:28 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-10-13 14:31 - 2014-06-26 14:24 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-13 06:13 - 2017-03-13 00:43 - 000000000 ____D C:\Users\Milan\AppData\Local\Citrix
2018-10-11 22:54 - 2018-04-12 00:03 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-11 09:53 - 2012-10-11 13:37 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Dropbox
2018-10-10 13:42 - 2018-09-06 20:48 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-10 13:42 - 2018-03-25 21:27 - 000003020 _____ C:\Windows\System32\Tasks\PMTask
2018-10-10 13:42 - 2018-03-13 17:04 - 000004528 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-10 13:42 - 2018-01-06 16:54 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2018-01-06 16:54 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2018-01-06 16:54 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2018-01-06 16:54 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2018-01-06 16:54 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2018-01-06 16:54 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2018-01-06 16:54 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-10 13:42 - 2017-02-24 22:53 - 000003116 _____ C:\Windows\System32\Tasks\{D780AD46-A995-41AB-B64C-144A16FF13E4}
2018-10-10 13:42 - 2016-12-03 17:24 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Milan)
2018-10-10 13:42 - 2016-11-24 23:56 - 000003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1474711096
2018-10-10 13:42 - 2016-10-24 15:03 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-10-10 13:42 - 2016-09-29 12:54 - 000003114 _____ C:\Windows\System32\Tasks\{2EDBFA36-BB08-4F0D-8DCF-5684BF6D4DAC}
2018-10-10 13:42 - 2016-09-24 13:38 - 000004516 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-10 13:42 - 2015-12-04 00:42 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-10-10 13:42 - 2015-07-02 00:48 - 000003898 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001UA
2018-10-10 13:42 - 2015-07-02 00:48 - 000003502 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001Core
2018-10-10 13:42 - 2015-01-01 18:05 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-10 13:42 - 2014-04-21 09:22 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-10 13:42 - 2014-04-21 09:22 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-10 13:42 - 2012-12-20 13:00 - 000002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-10-10 13:42 - 2012-06-28 13:31 - 000003082 _____ C:\Windows\System32\Tasks\RealCreateProcessScheduledTask3381399S-1-5-21-596090282-1410466437-1780385450-1001
2018-10-09 17:04 - 2012-07-05 20:09 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-09 17:04 - 2012-06-28 10:55 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-09 17:04 - 2012-06-28 10:55 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-09 17:04 - 2012-06-28 10:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-10-08 22:57 - 2013-02-28 21:13 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2018-10-06 13:10 - 2012-06-28 10:52 - 000000000 ____D C:\Program Files (x86)\Opera
2018-10-06 13:08 - 2012-06-28 13:17 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Media Player Classic
2018-09-18 21:41 - 2012-07-02 18:15 - 000000000 ____D C:\web
2018-09-18 21:03 - 2014-04-21 09:23 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-15 22:55 - 2012-06-28 13:56 - 000000000 ____D C:\Users\Milan\AppData\Roaming\BSplayer
2018-09-15 17:54 - 2018-06-26 11:10 - 000000000 ____D C:\Users\Milan\Desktop\foto

==================== Files in the root of some directories =======

2012-12-31 15:24 - 2009-03-03 00:47 - 000049233 _____ () C:\Users\Milan\fat32format.exe
2012-06-28 11:36 - 2012-06-28 11:37 - 000008192 _____ () C:\Users\Milan\AppData\Roaming\records_db
2012-09-28 11:24 - 2013-10-28 10:49 - 000000600 _____ () C:\Users\Milan\AppData\Roaming\winscp.rnd
2016-09-07 00:13 - 2016-09-27 23:25 - 000004608 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-21 22:38 - 2018-06-21 22:38 - 000003256 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2018-02-17 23:11 - 2018-02-17 23:11 - 000007618 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-28 18:32

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Milan (15-10-2018 21:38:59)
Running from C:\Users\Milan\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-06-28 08:20:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-596090282-1410466437-1780385450-500 - Administrator - Disabled)
Guest (S-1-5-21-596090282-1410466437-1780385450-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-596090282-1410466437-1780385450-1003 - Limited - Enabled)
Milan (S-1-5-21-596090282-1410466437-1780385450-1001 - Administrator - Enabled) => C:\Users\Milan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Reader XI - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Age Of Empires 2 (HKLM-x32\...\Age Of Empires 2_is1) (Version: - Martin)
Aktualizace NVIDIA 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation) Hidden
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 381.65 - NVIDIA Corporation) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.9.9 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.0.829.81 - AVAST Software)
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.1.8321 - )
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.62.1068 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Citrix Receiver 4.9 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.9.0.2539 - Citrix Systems, Inc.)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (HKLM\...\{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}) (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (HKLM-x32\...\{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (HKLM-x32\...\{CA3861BA-1D96-4D66-B577-318E1602C4F3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (HKLM-x32\...\{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (HKLM-x32\...\{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (HKLM-x32\...\{356658C7-8C60-4A43-AF50-75CA8E642934}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (HKLM-x32\...\{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (HKLM-x32\...\{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (HKLM-x32\...\{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (HKLM-x32\...\{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (HKLM-x32\...\{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (HKLM-x32\...\{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (HKLM-x32\...\{59123CCF-FED2-46FF-9293-D1DC80042219}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (HKLM-x32\...\{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (HKLM-x32\...\{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (HKLM-x32\...\{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (HKLM-x32\...\{260ED378-2B8C-4831-ADAE-D0712D119AC5}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (HKLM-x32\...\{9244E956-5939-4B88-930C-0699D4AB2B95}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (HKLM-x32\...\{B399C91E-96F2-4265-9884-1C9A10E9FCF4}) (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
Counter-Strike 1.6 Non-Steam 1.0 (HKLM-x32\...\Counter-Strike 1.6 Non-Steam 1.0) (Version: - )
CPUID HWMonitor 1.27 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Dropbox (HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Dropbox) (Version: 59.4.93 - Dropbox, Inc.)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: - )
Empire Earth II Gold Edition (HKLM-x32\...\Empire Earth II Gold Edition_is1) (Version: - GOG.com)
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.8 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.3.8 - Lenovo)
Enterprise Architect 10 - 30 Day Trial Edition (HKLM-x32\...\{4C78E7B2-AE8C-492E-8A97-BA6A641C616B}) (Version: 10.00.1009.8 - Sparx Systems)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EUVDI-IFDC-A (HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\citivirtua-5a52e145@@CTRXEUXDFDC70.EUVDI-IFDC-A $P9450) (Version: 1.0 - Delivered by Citrix)
FlatOut 2 (HKLM-x32\...\{4E6D2462-AB33-40BB-AA9F-3FA3E0DD0290}) (Version: 1.00.0000 - Empire Interactive)
FreePDF Creator (HKLM\...\{0AA0475E-1CC0-47F0-A1E0-28F2DBDB00D1}_is1) (Version: 1.0.0.0 - pdfconverter.com)
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Deskjet 2050 J510 series Nápověda (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2656 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel(R) Wireless Music device driver (HKLM\...\{4169B8AC-D144-4E38-A9CA-637EA44129ED}) (Version: 1.5.5323.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Intelligent Touchpad (HKLM-x32\...\{FDB0A81A-1173-4B15-BEA4-89FEA0474F17}) (Version: 1.00.0108 - Lenovo)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.64.1 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
jwDuplFiles 2.0 (HKLM-x32\...\jwDuplFiles_is1) (Version: - jw)
Knights and Merchants - The Peasants Rebellion (HKLM-x32\...\Knights and Merchants - The Peasants Rebellion_is1) (Version: - GOG.com)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2300 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.1.7600.117 - Realtek Semiconductor Corp.)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.5 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo Service Bridge (HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\dda9ca0b023f4c56) (Version: 1.6.6.0 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0070 - Lenovo)
Lenovo YouCam (HKLM-x32\...\{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.) Hidden
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3728 - CyberLink Corp.)
LockKey (HKLM-x32\...\{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo) Hidden
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)
Media Player Classic - Home Cinema 1.6.1.4235 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.6.1.4235 - MPC-HC Team)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{ACE0935B-2B99-4D0A-B173-8CACC6051029}) (Version: 7.02.0989 - Nero AG)
Nsd (HKLM-x32\...\{4677B88C-CE16-4CBB-A2CB-B76E9D456C7F}) (Version: 1.0.1.7 - Lenovo)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 381.65 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Onekey Theater (HKLM-x32\...\{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.9 - Lenovo) Hidden
Onekey Theater (HKLM-x32\...\InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}) (Version: 2.0.2.9 - Lenovo)
Online Plug-in (HKLM-x32\...\{5C38E4A7-9778-4C51-8021-61759600D96A}) (Version: 14.9.0.2539 - Citrix Systems, Inc.) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Opera Stable 56.0.3051.36 (HKLM-x32\...\Opera 56.0.3051.36) (Version: 56.0.3051.36 - Opera Software)
Ovládací panel NVIDIA 381.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 381.65 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{5EB90C06-964F-4195-B83E-BD7E55C88415}) (Version: 12.00.0017 - Pinnacle Systems)
PDF24 Creator 8.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.0.0.6163 - Team V.R)
Pinnacle Studio 12 Ultimate Plugins (HKLM-x32\...\{D1860E6E-520E-4380-8433-E58E8F88B473}) (Version: 12.0.0.0 - Pinnacle Systems)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.14 - Lenovo Group Limited)
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.5 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6543 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RegInOut System Utilities (HKLM-x32\...\RegInOut System Utilities_is1) (Version: 5.0.0.1 - SORCIM Technologies)
Self-service Plug-in (HKLM-x32\...\{C7E328BE-E4FF-4D07-B848-1179C42C8AD4}) (Version: 4.9.0.2528 - Citrix Systems, Inc.) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sweet Home 3D version 5.2 (HKLM\...\Sweet Home 3D_is1) (Version: 5.2 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Verbatim GREEN BUTTON 1.68 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version: - Verbatim)
Verbatim Hard Drive Formatter 1.41 (HKLM-x32\...\Verbatim Hard Drive Formatter_is1) (Version: - Verbatim)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinSCP 5.1 (HKLM-x32\...\winscp3_is1) (Version: 5.1 - Martin Prikryl)
Základní software zařízení HP Deskjet 2050 J510 series (HKLM\...\{F61FD928-A74D-4AF9-9667-BE2BB6F2C386}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-31] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-31] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-31] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-31] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-02-17] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-04-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-31] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-596090282-1410466437-1780385450-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-596090282-1410466437-1780385450-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-596090282-1410466437-1780385450-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Milan\AppData\Roaming\Dropbox\bin\DropboxExt64.25.0.dll [2018-10-09] (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00547980-4228-4257-B4FF-353238209E3D} - System32\Tasks\Opera scheduled Autoupdate 1474711096 => C:\Program Files (x86)\Opera\launcher.exe [2018-10-02] (Opera Software)
Task: {01D68EEB-85D7-4291-BB01-E408D467A73D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-01] (NVIDIA Corporation)
Task: {0913EA67-CC5A-4CC1-AC3F-EB1AD6D6AF8E} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2017-07-27] (Lenovo Group Limited)
Task: {0AE2BBF5-175E-4D00-9D86-DDA5E4D708D2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {28434FD5-8679-4438-A9EE-636600C6FB3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {36DC6255-0FCA-4BB8-9AF1-DAC14040B353} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_pepper.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {3BAA53B2-58B5-4524-B32A-B98856AC349A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-04-01] (NVIDIA Corporation)
Task: {3BE7EBB5-2F85-4CBA-BC47-C9EEF6EF83C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {50A6F357-0748-4282-9EA1-0CAF11CFDC51} - System32\Tasks\{D780AD46-A995-41AB-B64C-144A16FF13E4} => C:\Windows\system32\pcalua.exe -a C:\Users\Milan\Desktop\Msvbvm50.exe -d C:\Users\Milan\Desktop
Task: {59DD2A1F-2F88-42DD-8EFB-23FDE3B8E2AD} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-14] (AVAST Software)
Task: {6C27E475-03ED-4FDF-84EF-F067CD01C8B7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {6C65054F-8F4A-40AD-8154-18870ECDAAA1} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2011-01-29] (CyberLink)
Task: {7248C1DB-BFBD-4446-827E-2CA227AB508E} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-596090282-1410466437-1780385450-1001 => "C:\Windows\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {7506A3B3-B8D3-474F-8C63-DAAD2A362E02} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-04-01] (NVIDIA Corporation)
Task: {853D86D5-F9C3-4F4F-B8EB-A5A31EBE620F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {85BFFA1E-7FE3-4528-80EC-78643306F5E2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001Core => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {8B9105E4-7E7F-44D0-B4FD-4F98033377A5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-31] (AVAST Software)
Task: {8F20CD73-91B4-41E5-B907-944A4F46D1F0} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-01] (NVIDIA Corporation)
Task: {94478032-464E-4C88-9EE7-E33EF7D6DEDD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-04-01] (NVIDIA Corporation)
Task: {95FB4A2A-E7C9-4646-B2B4-384802C58D9F} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-12-12] ()
Task: {969C0A06-059B-4383-8899-EF91CC293546} - System32\Tasks\{2EDBFA36-BB08-4F0D-8DCF-5684BF6D4DAC} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Torntv V9.0\Uninstall.exe" -c /fcp=1
Task: {A2238088-875B-49FE-B599-2D7E835E813F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-596090282-1410466437-1780385450-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {AA59E2FA-58E5-4E65-8F81-5B4986AEB5D2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-04-01] (NVIDIA Corporation)
Task: {B1ECCE0C-D32E-4430-981F-E5E67EFE7E88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {BC2C4F57-982E-446C-9F33-8DB901A5D627} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {C291B96D-32C6-4845-B59B-73A39B8EDF3C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {C687D2BE-F71F-451C-9D78-74B0305D116D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-06] (Piriform Ltd)
Task: {C982C355-A259-449C-BA80-F1C3917F7B96} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-09] (Adobe Systems Incorporated)
Task: {D16397A2-74B5-496D-AD8D-84F508465E7A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-06] (Piriform Ltd)
Task: {E19343E1-B2EA-408D-9D8C-71B6C40FD122} - System32\Tasks\RealCreateProcessScheduledTask3381399S-1-5-21-596090282-1410466437-1780385450-1001 => C:\Program Files (x86)\Real\RealPlayer\realplay.exe [2012-06-28] (RealNetworks, Inc.)
Task: {E969B764-405F-4CBB-85BD-DA402A09BD8B} - System32\Tasks\Driver Booster SkipUAC (Milan) => C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe
Task: {EF5B67D4-27C8-4093-BBE7-5B6F7158A8E4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-04-01] (NVIDIA Corporation)
Task: {F2648F88-7E2C-48E4-8048-8CDAE53B5BA9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-596090282-1410466437-1780385450-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-06-21] (RealNetworks, Inc.)
Task: {F2BD7E3A-92BC-4DCC-98BF-9DD5D564112F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2017-12-12] ()
Task: {F2FAB902-66C5-4077-80C8-0D817F434F21} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001UA => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001Core.job => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001UA.job => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-01-06 16:49 - 2017-04-01 05:20 - 000020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-06-02 22:58 - 2011-06-02 22:58 - 000201568 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect64.dll
2011-06-02 22:59 - 2011-06-02 22:59 - 000156000 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll64.dll
2008-12-20 12:20 - 2012-05-21 08:03 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-03-28 23:34 - 2012-05-21 08:03 - 001509936 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-09 00:36 - 2012-05-21 08:03 - 000011096 _____ () C:\Program Files (x86)\Lenovo\Energy Management\cs-CZ\EMWpfUI.resources.dll
2008-12-20 12:20 - 2012-05-21 08:03 - 000054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2012-05-21 08:00 - 2012-05-21 08:00 - 000099680 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
2018-01-06 16:54 - 2017-04-01 05:20 - 001148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-06 16:54 - 2017-04-01 05:20 - 004490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2012-05-21 07:34 - 2010-10-26 07:40 - 000049056 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2018-09-18 21:03 - 2018-09-15 10:26 - 005110616 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libglesv2.dll
2018-09-18 21:03 - 2018-09-15 10:26 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\libegl.dll
2018-10-06 13:10 - 2018-10-06 13:10 - 104140888 _____ () C:\Program Files (x86)\Opera\56.0.3051.36\opera_browser.dll
2018-10-06 13:10 - 2018-10-06 13:10 - 005082200 _____ () C:\Program Files (x86)\Opera\56.0.3051.36\libglesv2.dll
2018-10-06 13:10 - 2018-10-06 13:10 - 000116824 _____ () C:\Program Files (x86)\Opera\56.0.3051.36\libegl.dll
2018-02-07 18:17 - 2017-12-12 11:25 - 000020360 _____ () C:\Program Files (x86)\Lenovo\System Update\TvsuCommandLauncher.exe
2018-02-07 18:17 - 2017-12-12 11:25 - 000028016 _____ () C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
2018-02-07 18:17 - 2017-12-12 11:25 - 000023920 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2018-08-31 08:55 - 2018-08-31 08:55 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-10-15 20:53 - 2018-10-15 20:53 - 005709968 _____ () C:\Program Files\AVAST Software\Avast\defs\18101502\algo.dll
2018-08-31 08:55 - 2018-08-31 08:55 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-31 08:55 - 2018-08-31 08:55 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-08-31 08:55 - 2018-08-31 08:55 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-08-31 08:54 - 2018-08-31 08:54 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2011-06-02 22:57 - 2011-06-02 22:57 - 000161120 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
2011-06-02 22:58 - 2011-06-02 22:58 - 000132448 _____ () C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
2018-01-06 16:49 - 2017-04-01 05:20 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2018-03-09 22:51 - 2018-03-09 22:51 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-01-06 16:54 - 2017-04-01 05:20 - 000901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-06 16:54 - 2017-04-01 05:20 - 003776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-12-23 00:10 - 2017-12-23 00:10 - 000172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\f203ecbdc8e8f4f836e1627efb89f9ae\IsdiInterop.ni.dll
2012-05-21 07:25 - 2011-11-30 05:00 - 000059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-21 07:26 - 2012-02-21 06:09 - 001198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [470]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Classes\.exe: => <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Classes\.scr: => <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Classes\.com: => <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Classes\.cmd: => <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Classes\.reg: => <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-08-30 21:22 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AVerRemote => 3
MSCONFIG\Services: AVerScheduleService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dropbox Update => "C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Free PDF Print Dispatcher => C:\Program Files (x86)\pdfconverter.com\FreePDF Creator\itFPCPrnDisp.exe
MSCONFIG\startupreg: Lenovo EE Boot Optimizer => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe
MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0273E7BD-18F7-4F81-88E0-39AF1E568D81}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{5728AE8F-ED55-420B-BF53-1EC529C742AD}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0D85F882-6857-4EF8-81E4-FCF3DCC32227}] => (Allow) LPort=2869
FirewallRules: [{7E403A87-ACE3-444D-BD6A-FC68322279DA}] => (Allow) LPort=1900
FirewallRules: [{9E6A0DAB-A24B-4A67-AC2F-00117C300E53}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{12C13C80-0F4E-4F37-B2F5-821CC48A6044}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3F908E6F-907B-4534-AE0F-56156458C046}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{7816346F-828A-4834-90FE-4DD6B8D27930}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{2EB5A2B0-F83E-4BA2-BA8A-86191067279A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A24779D7-9902-4209-9AA4-675467111296}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{406515C6-FEF4-4486-9F6F-C681A3B30A60}C:\programy\totalcmd\totalcmd64.exe] => (Allow) C:\programy\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{05523B7A-BF97-4396-8DAD-C00D1BF3643D}C:\programy\totalcmd\totalcmd64.exe] => (Allow) C:\programy\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{2C6F7CEF-D405-428B-BBFC-1BC06AFD21E8}C:\programy\totalcmd\totalcmd64.exe] => (Allow) C:\programy\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{C1B24A27-6941-4018-89E6-59EA2AA10511}C:\programy\totalcmd\totalcmd64.exe] => (Allow) C:\programy\totalcmd\totalcmd64.exe
FirewallRules: [{C055A8EC-5D2E-4788-B6D4-39B3E496759F}] => (Allow) C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{BD425815-D20F-4755-BAB3-237A67112253}] => (Allow) C:\Users\Milan\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C03398A8-8437-47A3-B6A6-A844B7B8C7C1}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{1074002D-C4F8-4087-88EA-99511F03FED6}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\RM.exe
FirewallRules: [{958B172F-47DE-49B3-8A53-6154F5F3445A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{4C19F9D1-D369-4006-ADCD-D9EE6F77BFC9}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\Studio.exe
FirewallRules: [{24A739B1-B636-4646-8C9D-458258B41748}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [{0F8310D7-26DD-418A-B70B-EE3052144E7E}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 12\Programs\umi.exe
FirewallRules: [TCP Query User{2D66282F-1C28-42FC-A46C-2E4DB08BD559}C:\hry\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\hry\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [UDP Query User{33540ED7-A7E8-47A3-B87B-EAC2AEB6BD3A}C:\hry\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\hry\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [TCP Query User{46359F2A-C3F8-4F06-A6B4-2BCF3E79BC87}C:\users\milan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\milan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{31F5C597-53FA-4A71-899F-79D6AAF82DC4}C:\users\milan\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\milan\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{5FD84994-49BB-4F1B-99F8-43A19EB104DB}C:\users\milan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\milan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{273AEC2F-AF13-453C-94DF-1DF6FEF7C5CF}C:\users\milan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\milan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{31B67B81-A49F-4D52-96CE-9FF9AC32FB05}C:\users\milan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\milan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{F54A4EDD-D7C2-4F3A-ACE1-FA644DDC4FDA}C:\users\milan\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\milan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{41CC8C81-721F-48B0-B971-CACEF588F281}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{535AD811-F4C0-4FF2-96EA-FA6C2C99354A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{045BC7E0-33F8-4C81-B2E8-209973BFA191}C:\hry\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\hry\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [UDP Query User{F8D18A58-8C2F-4FC7-9A11-4AACF4D9ABB3}C:\hry\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\hry\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [{FFD6BD9A-DC32-4073-BC69-3B3341A48898}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F6F0DD13-CDF1-4D9D-966F-0D777D20CB6F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{A4860324-96E0-40C1-9467-C19577E4BC22}C:\users\milan\gsplay\csko\hl.exe] => (Block) C:\users\milan\gsplay\csko\hl.exe
FirewallRules: [UDP Query User{4EA93A08-C161-4173-960C-66386FCDC56E}C:\users\milan\gsplay\csko\hl.exe] => (Block) C:\users\milan\gsplay\csko\hl.exe
FirewallRules: [{D735E2D9-DD7E-48DE-9E61-A35594D2157C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8A24B9B9-C7DC-47E6-ADBE-86BD0A6ABDD0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CFE31BAC-F675-4B80-B14E-4677700D53A5}C:\hry\empire earth ii\ee2.exe] => (Allow) C:\hry\empire earth ii\ee2.exe
FirewallRules: [UDP Query User{F545E067-1975-4270-B6A8-BF3CCB782877}C:\hry\empire earth ii\ee2.exe] => (Allow) C:\hry\empire earth ii\ee2.exe
FirewallRules: [TCP Query User{182BD79D-9384-4669-A13D-6846F7F35B52}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{70FAE9FA-9578-48FE-808D-C2CF429BF8A9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{2CF8C94B-417B-4344-AA64-4F61A42BDC8A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{56DE5B1E-9A64-44EB-8CFD-0E776D4BFFB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A242BFC-217D-496D-AC87-EC199DCDEEE7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9ADE015A-70DE-492B-A690-E69828730813}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3B94F95B-ADE3-4CFC-9807-C9A11544FB79}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{168889DE-4A99-4101-A83A-183AC1A78DE4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{183069E5-68FF-4110-91FA-AEDFF3841207}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4001A76A-745F-4C62-8763-F64886144010}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{6E50C36D-63AD-4702-BCFB-6F9C41756243}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{BF75BB8A-4374-4393-8235-F0A237326C3D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E4E54966-8432-46D7-822E-D197E43BA6DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{0E87ADB9-CF02-46EF-BA72-DA92A0016E73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{E90940D3-FB1E-4C83-97EA-6814118EAD54}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{B7593E82-88DC-4B71-BB33-96B845BC72AE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{89F2DEB6-97BB-42C4-A89C-99CE360CD0C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C117F7B4-4589-423D-8060-5CB6FC8AF85A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CFDBC9C-D7B0-4050-9042-79929BA24CAE}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{87A416AA-2696-47EC-8433-692D71727137}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{22A30E06-20D6-41D1-B25D-4EFFB320A094}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{E359987A-7AA3-464A-93B8-10FEDDCE79C3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{CBA4DC3C-9CC5-45C4-83AD-4FCAE74B2DA6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3A9AB24D-F023-4B2D-B0BC-A4C73B94BD2D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FE3EEC2D-851E-4253-9C5C-ED8285455696}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.61\opera.exe
FirewallRules: [{36CB5AF6-83E6-4522-9B03-EC9A45164336}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6C7B23F0-CEC8-4D4D-A442-0CBDB53E5575}] => (Allow) C:\Program Files (x86)\Opera\56.0.3051.36\opera.exe
FirewallRules: [{D893D4C7-FF06-47C4-9864-FFC613B1560F}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{1DB1BEE6-E53E-4BAD-95D0-30F604186073}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{04FE28F5-2E05-4CDC-A724-C7D224139533}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{729F0762-6C58-42C4-B56E-52EE578B6EC8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{2FB203EC-302C-4D3D-A244-2E3B4F95EC8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

13-08-2018 10:46:33 Naplánovaný kontrolní bod
26-08-2018 08:36:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Broadcom Bluetooth 4.0 USB
Description: Broadcom Bluetooth 4.0 USB
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2018 09:38:26 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (10/15/2018 09:13:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (10/15/2018 09:11:37 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---NvContainerLocalSystem failed with 0, The Code is:0x710.).

Error: (10/15/2018 09:11:34 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---NvTelemetryContainer failed with 0, The Code is:0x710.).

Error: (10/15/2018 09:11:16 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---avast failed with 0, The Code is:0x710.).

Error: (10/15/2018 09:11:09 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).

Error: (10/15/2018 09:11:09 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---Get Poicy Open key suc failed with 0, The Code is:0x422.).

Error: (10/15/2018 09:11:09 PM) (Source: NSDSvc) (EventID: 256) (User: )
Description: An error has occurred (---query POLICYVT key success failed with 0, The Code is:0x424.).


System errors:
=============
Error: (10/15/2018 09:36:28 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:34:27 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:32:26 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:30:25 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:28:24 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:27:23 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:25:23 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.

Error: (10/15/2018 09:23:23 PM) (Source: iaStor) (EventID: 9) (User: )
Description: Zařízení \Device\Ide\iaStor0 neodpovídá v periodě časového limitu.


Windows Defender:
===================================
Date: 2016-06-07 19:21:07.629
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{D453094F-7A56-49EF-8928-3E6432B10508}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-05-12 11:31:27.522
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{32E5D9AA-9DA0-44E9-939B-E593286DF1C4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-04-30 09:02:23.361
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{AD7B7CE3-2F68-44F2-A13D-F385900ACA7F}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2016-06-15 18:58:58.964
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2016-06-15 18:58:58.948
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

CodeIntegrity:
===================================

Date: 2018-09-14 07:39:43.255
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-09-14 07:39:42.918
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-24 20:54:06.411
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-24 20:54:05.896
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-24 20:53:57.447
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-24 20:53:56.964
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-19 13:57:58.856
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-19 13:57:58.634
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 36%
Total physical RAM: 8094.36 MB
Available physical RAM: 5167.18 MB
Total Virtual: 16186.89 MB
Available Virtual: 13205.08 MB

==================== Drives ================================

Drive c: (DATA) (Fixed) (Total:886.32 GB) (Free:21.87 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (ZALOHA) (Fixed) (Total:25.47 GB) (Free:21.3 GB) NTFS

\\?\Volume{b1bc5f46-a302-11e1-8e50-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:0.2 GB) (Free:0.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 83D786B6)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=886.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End of Addition.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomalený a zasekávající se notebook

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#3 Příspěvek od neummi »

děkuji za velmi rychlou reakci :)

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-12.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-15-2018
# Duration: 00:00:11
# OS: Windows 7 Home Premium
# Cleaned: 29
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\RegInOut
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegInOut System Utilities
Deleted C:\Program Files (x86)\RegInOut System Utilities

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB3FC28C-7E85-400E-894A-F76CFE451497}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFFAF3E-5696-4A4D-BC4C-97B9991E5A43}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D705CFBE-7571-4CCB-BEC9-A38AB7398B20}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D322221B-A5B9-4337-AE6A-4011ED902B4D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD645EA9-A942-489B-BC32-F644F560FD4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89CCE377-EBF0-414C-A76F-8336A3FF7D8}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8977947C-9A65-4E8C-8AB3-8C2970A272C1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8691FF80-9AD4-4AEC-B3AE-8391324027}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7cbfc949-2735-4fa4-b7c6-cac03629f76f}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7462A9CF-3D6C-4922-A9A9-451434F9EA1B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{678BAFBE-72F8-4089-9F62-C46A31E47A9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65D84B55-B990-429A-99D3-6193F1983B63}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{627343CF-335B-4040-AFC7-DB4BD4CAC61}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EE92853-3D5D-494D-ABEB-CA3819AC49}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B1E8058-7920-4F06-A8FE-AF19BCC79123}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C99F3AE-B12-402E-B164-D2C55D5D691}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B95C1DB-D04-4ECE-9784-32BFCD5E2469}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3B555EE0-FA13-4E44-BDC0-3327DDBE2F9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30D41378-F1F8-4876-B810-543439937}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{114E8958-4493-4270-869A-C41F52F67B6}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7cbfc949-2735-4fa4-b7c6-cac03629f76f}
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\RegInOut
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RegInOut System Utilities_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4810 octets] - [15/10/2018 21:58:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomalený a zasekávající se notebook

#4 Příspěvek od Rudy »

OK. Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#5 Příspěvek od neummi »

Problém stále přetrvává a přijde mi, že se to zhoršuje. Zkoušel jsem i nouzový režim a stejné chování jako v normálním režimu. Na některých zahraničních fórech se lidé zmiňují, že je to způsobené virem nebo dosluhující HDD. Tak budu doufat, že najdete nějakého prevíta :)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.10.2018
Ran by Milan (administrator) on MILAN-PC (16-10-2018 23:05:42)
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-16] (Synaptics Incorporated)
HKLM\...\Run: [SynLenovoGestureMgr] => C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [410896 2011-12-16] (Synaptics)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12343400 2011-12-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [789856 2012-05-21] (Lenovo)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-05-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6200368 2012-05-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-16] (AVAST Software)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-12] (Intel Corporation)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-26] ( )
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-30] (Intel Corporation)
HKLM-x32\...\Run: [Intelligent Touchpad] => C:\Program Files\Lenovo\Intelligent Touchpad\TouchZone.exe [291272 2011-12-08] ()
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [556136 2017-08-02] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [403048 2017-08-02] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Run: [Dropbox Update] => C:\Users\Milan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd)
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6ad-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6b6-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {8dcea8a8-8bf3-11e8-95cf-dc0ea1ee44c1} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {e5b1ffeb-3d7b-11e6-9499-dc0ea1ee44c1} - E:\Startme.exe
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [170360 2017-04-01] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2017-04-01] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Lenovo\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Citrix Receiver.lnk [2017-11-12]
ShortcutTarget: Citrix Receiver.lnk -> C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe (Citrix Systems, Inc.)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk [2018-10-16]
ShortcutTarget: Sledovat výstrahy inkoustu - HP Deskjet 2050 J510 series.lnk -> C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{7FEB627C-699F-4046-9FB7-07B4A09F8FF0}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{C7CC11B7-7E4D-4720-86A4-3351F97F3D3A}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://site05.remoteoffice.europe.citigroup.com/dana-na/auth/url_default/welcome.cgi
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7LENN
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2017-08-02] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393 [2018-10-16]
FF Homepage: Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393 -> www.google.cz
FF Extension: (Avast SafePrice) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393\Extensions\sp@avast.com.xpi [2018-06-24]
FF Extension: (Avast Online Security) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393\Extensions\wrc@avast.com.xpi [2018-07-17]
FF Extension: (Telemetry coverage) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\s9etiku7.default-1440877718393\features\{afe1aad0-7f59-437e-b8d7-cf83d7b14beb}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-12] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{C3949AC2-4B17-43ee-B4F1-D26B9D42404D}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2016-11-22] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-08-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2017-08-02] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-20] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-06-28] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.5.109 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-06-28] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://www.google.com/"
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2018-10-16]
CHR Extension: (Dokumenty) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Vyhledávání Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-04-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-06-28]

Opera:
=======
OPR Extension: (Install Chrome Extensions) - C:\Users\Milan\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2018-08-30]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-16] (AVAST Software)
S3 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-16] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-06] ()
S2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [945440 2012-02-02] (Broadcom Corporation.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-15] (EasyAntiCheat Ltd)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [724992 2006-10-09] (Nero AG) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3071632 2014-05-06] (INCA Internet Co., Ltd.)
S2 NSDSvc; C:\Windows\System32\NSDSvc.exe [120160 2011-12-24] (Lenovo)
S2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-06-08] (Geek Software GmbH)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23920 2017-12-12] ()
S3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S3 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S3 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-16] (AVAST Software)
S1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-16] (AVAST Software)
S0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-16] (AVAST Software)
S0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-16] (AVAST Software)
S0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-16] (AVAST Software)
S1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-16] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-16] (AVAST Software)
S2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-16] (AVAST Software)
S1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-16] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-16] (AVAST Software)
S1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-16] (AVAST Software)
S1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-16] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-16] (AVAST Software)
S0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-16] (AVAST Software)
S3 AVerAF15DMBTH64; C:\Windows\System32\Drivers\AVerAF15DMBTH64.sys [593024 2010-11-25] (AVerMedia TECHNOLOGIES, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-09] (DT Soft Ltd)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-21] (Microsoft Corporation)
R3 hswpan; C:\Windows\System32\DRIVERS\hswpan.sys [109056 2012-01-27] (Ozmo Inc)
S1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-12-03] (REALiX(tm))
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [331264 2011-12-06] (Intel(R) Corporation) [File not signed]
R0 NSD; C:\Windows\System32\drivers\nsd.sys [24160 2011-12-24] (Lenovo Corporation")
S1 Nsdfltr; C:\Windows\System32\drivers\Nsdfltr.sys [59488 2011-12-22] (Lenovo Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-04-01] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [66608 2017-04-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
S3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8208488 2011-09-06] (Realtek Semiconductor Corp.)
U4 secdrv; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-16 22:51 - 2018-10-16 23:05 - 000576790 _____ C:\Windows\ntbtlog.txt
2018-10-16 22:35 - 2018-10-16 23:15 - 000024796 _____ C:\Users\Milan\Desktop\FRST.txt
2018-10-16 22:32 - 2018-10-16 22:32 - 000003206 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-596090282-1410466437-1780385450-1001
2018-10-16 22:31 - 2018-10-16 22:31 - 000003340 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-596090282-1410466437-1780385450-1001
2018-10-16 09:44 - 2018-10-16 09:43 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2018-10-16 09:43 - 2018-10-16 09:43 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-10-15 21:58 - 2018-10-15 21:59 - 000000000 ____D C:\AdwCleaner
2018-10-15 21:57 - 2018-10-15 21:57 - 007592144 _____ (Malwarebytes) C:\Users\Milan\Desktop\adwcleaner_7.2.4.0.exe
2018-10-15 21:20 - 2018-10-16 22:00 - 000000000 ____D C:\FRST
2018-10-15 21:19 - 2018-10-15 21:19 - 002414592 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2018-10-11 10:09 - 2018-10-11 10:09 - 004504089 _____ C:\Users\Milan\Desktop\CrystalDiskInfo7_8_0.zip
2018-10-11 09:53 - 2018-10-11 09:53 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-10-02 21:52 - 2018-10-02 21:52 - 000087003 _____ C:\Users\Milan\Desktop\Klientské centrum _ MALL.CZ.pdf
2018-10-02 21:30 - 2018-10-02 21:30 - 000032914 _____ C:\Users\Milan\Desktop\priloha1.PDF

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-16 23:05 - 2014-08-31 12:03 - 000177561 _____ C:\Windows\system32\fastboot.set
2018-10-16 22:36 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-16 22:36 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-16 22:34 - 2018-04-12 00:01 - 000000000 ____D C:\Users\Milan\AppData\Local\AVAST Software
2018-10-16 22:30 - 2012-05-21 07:19 - 000000000 ____D C:\ProgramData\NVIDIA
2018-10-16 22:27 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-16 22:16 - 2015-07-02 00:48 - 000000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001UA.job
2018-10-16 21:56 - 2015-07-02 00:48 - 000000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001Core.job
2018-10-16 21:45 - 2016-11-24 23:56 - 000003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1474711096
2018-10-16 21:45 - 2014-04-21 09:23 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-16 21:45 - 2012-06-28 10:52 - 000000000 ____D C:\Program Files (x86)\Opera
2018-10-16 09:44 - 2017-03-10 15:28 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-10-16 09:43 - 2017-11-16 21:47 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-10-16 09:43 - 2016-07-21 11:10 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-10-16 09:42 - 2018-01-06 11:09 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-10-16 09:42 - 2017-03-10 15:28 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-10-16 09:42 - 2017-03-10 15:28 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-10-16 09:42 - 2017-03-10 15:28 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-10-16 09:42 - 2017-03-10 15:28 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-10-16 09:37 - 2012-05-21 06:59 - 000669116 _____ C:\Windows\system32\perfh005.dat
2018-10-16 09:37 - 2012-05-21 06:59 - 000141744 _____ C:\Windows\system32\perfc005.dat
2018-10-16 09:37 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-16 09:37 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-10-16 00:07 - 2016-11-17 09:42 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2018-10-15 22:57 - 2018-09-06 20:48 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-10-15 22:57 - 2018-03-25 21:27 - 000003020 _____ C:\Windows\System32\Tasks\PMTask
2018-10-15 22:57 - 2018-03-13 17:04 - 000004528 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-15 22:57 - 2018-01-06 16:54 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2018-01-06 16:54 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2018-01-06 16:54 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2018-01-06 16:54 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2018-01-06 16:54 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2018-01-06 16:54 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2018-01-06 16:54 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-10-15 22:57 - 2017-02-24 22:53 - 000003116 _____ C:\Windows\System32\Tasks\{D780AD46-A995-41AB-B64C-144A16FF13E4}
2018-10-15 22:57 - 2016-12-03 17:24 - 000002886 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Milan)
2018-10-15 22:57 - 2016-10-24 15:03 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-10-15 22:57 - 2016-09-29 12:54 - 000003114 _____ C:\Windows\System32\Tasks\{2EDBFA36-BB08-4F0D-8DCF-5684BF6D4DAC}
2018-10-15 22:57 - 2016-09-24 13:38 - 000004516 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-15 22:57 - 2015-12-04 00:42 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-10-15 22:57 - 2015-07-02 00:48 - 000003898 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001UA
2018-10-15 22:57 - 2015-07-02 00:48 - 000003502 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-596090282-1410466437-1780385450-1001Core
2018-10-15 22:57 - 2015-01-01 18:05 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-15 22:57 - 2014-04-21 09:22 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-15 22:57 - 2014-04-21 09:22 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-15 22:57 - 2012-12-20 13:00 - 000002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-10-15 22:57 - 2012-06-28 13:31 - 000003082 _____ C:\Windows\System32\Tasks\RealCreateProcessScheduledTask3381399S-1-5-21-596090282-1410466437-1780385450-1001
2018-10-15 21:09 - 2016-11-16 00:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-10-15 21:09 - 2012-06-28 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-13 14:31 - 2014-06-26 14:24 - 000000000 ____D C:\Program Files (x86)\Steam
2018-10-13 06:13 - 2017-03-13 00:43 - 000000000 ____D C:\Users\Milan\AppData\Local\Citrix
2018-10-11 22:54 - 2018-04-12 00:03 - 000002433 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-10-11 09:53 - 2012-10-11 13:37 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Dropbox
2018-10-09 17:04 - 2012-07-05 20:09 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-09 17:04 - 2012-06-28 10:55 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-10-09 17:04 - 2012-06-28 10:55 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-10-09 17:04 - 2012-06-28 10:54 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-10-08 22:57 - 2013-02-28 21:13 - 000000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2018-10-06 13:08 - 2012-06-28 13:17 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Media Player Classic
2018-09-18 21:41 - 2012-07-02 18:15 - 000000000 ____D C:\web

==================== Files in the root of some directories =======

2012-12-31 15:24 - 2009-03-03 00:47 - 000049233 _____ () C:\Users\Milan\fat32format.exe
2012-06-28 11:36 - 2012-06-28 11:37 - 000008192 _____ () C:\Users\Milan\AppData\Roaming\records_db
2012-09-28 11:24 - 2013-10-28 10:49 - 000000600 _____ () C:\Users\Milan\AppData\Roaming\winscp.rnd
2016-09-07 00:13 - 2016-09-27 23:25 - 000004608 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-06-21 22:38 - 2018-06-21 22:38 - 000003256 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2018-02-17 23:11 - 2018-02-17 23:11 - 000007618 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-28 18:32

==================== End of FRST.txt ============================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomalený a zasekávající se notebook

#6 Příspěvek od Rudy »

To je pravda a ať je problém v malware, nebo disku, určitě to odhalíme. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6ad-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6b6-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {8dcea8a8-8bf3-11e8-95cf-dc0ea1ee44c1} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {e5b1ffeb-3d7b-11e6-9499-dc0ea1ee44c1} - E:\Startme.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
U4 secdrv; no ImagePath
C:\Windows\System32\Tasks\{D780AD46-A995-41AB-B64C-144A16FF13E4}
C:\Windows\System32\Tasks\{2EDBFA36-BB08-4F0D-8DCF-5684BF6D4DAC}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#7 Příspěvek od neummi »

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.10.2018
Ran by Milan (17-10-2018 10:39:09) Run:1
Running from C:\Users\Milan\Desktop
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6ad-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {586eb6b6-c8d7-11e1-8ac7-dc0ea1ee44c1} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {8dcea8a8-8bf3-11e8-95cf-dc0ea1ee44c1} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\...\MountPoints2: {e5b1ffeb-3d7b-11e6-9499-dc0ea1ee44c1} - E:\Startme.exe
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-596090282-1410466437-1780385450-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
U4 secdrv; no ImagePath
C:\Windows\System32\Tasks\{D780AD46-A995-41AB-B64C-144A16FF13E4}
C:\Windows\System32\Tasks\{2EDBFA36-BB08-4F0D-8DCF-5684BF6D4DAC}
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{586eb6ad-c8d7-11e1-8ac7-dc0ea1ee44c1} => removed successfully
HKLM\Software\Classes\CLSID\{586eb6ad-c8d7-11e1-8ac7-dc0ea1ee44c1} => not found
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{586eb6b6-c8d7-11e1-8ac7-dc0ea1ee44c1} => removed successfully
HKLM\Software\Classes\CLSID\{586eb6b6-c8d7-11e1-8ac7-dc0ea1ee44c1} => not found
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8dcea8a8-8bf3-11e8-95cf-dc0ea1ee44c1} => removed successfully
HKLM\Software\Classes\CLSID\{8dcea8a8-8bf3-11e8-95cf-dc0ea1ee44c1} => not found
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5b1ffeb-3d7b-11e6-9499-dc0ea1ee44c1} => removed successfully
HKLM\Software\Classes\CLSID\{e5b1ffeb-3d7b-11e6-9499-dc0ea1ee44c1} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => removed successfully
HKLM\System\CurrentControlSet\Services\secdrv => removed successfully
secdrv => service removed successfully
C:\Windows\System32\Tasks\{D780AD46-A995-41AB-B64C-144A16FF13E4} => moved successfully
C:\Windows\System32\Tasks\{2EDBFA36-BB08-4F0D-8DCF-5684BF6D4DAC} => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7289633 B
Java, Flash, Steam htmlcache => 328538178 B
Windows/system/drivers => 3452949 B
Edge => 0 B
Chrome => 241419864 B
Firefox => 138632299 B
Opera => 293947436 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33186 B
systemprofile32 => 33058 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Milan => 27692378 B

RecycleBin => 16112 B
EmptyTemp: => 1000.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:39:50 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomalený a zasekávající se notebook

#8 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#9 Příspěvek od neummi »

Nb je rychlejší, ale cca po 30 min se problém vyskytl znova :(

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomalený a zasekávající se notebook

#10 Příspěvek od Rudy »

Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#11 Příspěvek od neummi »

test jsem nechal běžet přes den, protože hned po 10 minutách došlo k záseku....ještě jsem si všiml, že ráno disk ukazoval 20 GB volného místa a teď večer přes 50 GB volného místa :(

Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 18.10.18
Čas skenování: 9:53
Logovací soubor: ec2619da-d2aa-11e8-80b4-dc0ea1ee44c1.json

-Informace o softwaru-
Verze: 3.6.1.2711
Verze komponentů: 1.0.463
Aktualizovat verzi balíku komponent: 1.0.7411
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Milan-PC\Milan

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 282114
Zjištěné hrozby: 44
Hrozby umístěné do karantény: 0
Uplynulý čas: 3 hod, 17 min, 50 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 24
PUP.Optional.TornTV, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Žádná uživatelská akce, [1534], [244125],1.0.7411
PUP.Optional.TornTV, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, Žádná uživatelská akce, [1534], [244125],1.0.7411
Adware.Hicosmea, HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\WOW6432NODE\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, Žádná uživatelská akce, [3933], [185984],1.0.7411
PUP.Optional.Hicosmea, HKU\S-1-5-21-596090282-1410466437-1780385450-1001_Classes\WOW6432NODE\CLSID\{56FDF344-FD6D-11D0-958A-006097C9A090}, Žádná uživatelská akce, [6793], [234782],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}, Žádná uživatelská akce, [405], [237486],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3D1000AE-DB5C-4AD2-A73E-A9427B1C52B7}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BB19FD9-850D-48DE-B67D-66BF3F7E23E7}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{631A67F0-DF26-4D40-9BD1-E98E26EE574E}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{652F2880-5714-4AE7-8023-72CE2C1A6031}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BB0A0E3-B397-44AE-94DB-4BB55F28BCB1}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86E7E980-D324-418A-A15D-CD5A25D12C7E}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ADCC2EC6-B94D-439D-9B9E-C226F87BDCF0}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3F1D415-B6B1-459C-82DA-B8EDA61232F5}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BCE4A81B-CB27-4EA4-89B0-BBA87670D2A3}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C61D101E-7308-4EE7-87F7-B2FCB7C27F3E}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CDF286C8-EFBD-45FC-921B-ADFFE0E0C084}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9625F9A-D1BB-4636-A7AB-83FAAB3664D6}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8D61EBD-7C87-4DFB-B450-6C3370F3498C}, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.TornTV, HKLM\SOFTWARE\WOW6432NODE\Torntv V9.0, Žádná uživatelská akce, [1534], [244141],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006A4FEA-BEB5-4088-8A7C-C9EDAFDEE1B2}, Žádná uživatelská akce, [405], [237508],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}, Žádná uživatelská akce, [405], [237508],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2FF9696A-D071-4724-8DF3-70023AC634B7}, Žádná uživatelská akce, [405], [237509],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}, Žádná uživatelská akce, [405], [237509],1.0.7411

Hodnota v registru: 20
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}|APPNAME, Žádná uživatelská akce, [405], [237486],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3D1000AE-DB5C-4AD2-A73E-A9427B1C52B7}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5BB19FD9-850D-48DE-B67D-66BF3F7E23E7}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{631A67F0-DF26-4D40-9BD1-E98E26EE574E}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{652F2880-5714-4AE7-8023-72CE2C1A6031}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BB0A0E3-B397-44AE-94DB-4BB55F28BCB1}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{86E7E980-D324-418A-A15D-CD5A25D12C7E}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ADCC2EC6-B94D-439D-9B9E-C226F87BDCF0}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3F1D415-B6B1-459C-82DA-B8EDA61232F5}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BCE4A81B-CB27-4EA4-89B0-BBA87670D2A3}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C61D101E-7308-4EE7-87F7-B2FCB7C27F3E}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CDF286C8-EFBD-45FC-921B-ADFFE0E0C084}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D9625F9A-D1BB-4636-A7AB-83FAAB3664D6}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKU\S-1-5-21-596090282-1410466437-1780385450-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8D61EBD-7C87-4DFB-B450-6C3370F3498C}|APPNAME, Žádná uživatelská akce, [405], [237487],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}|APPNAME, Žádná uživatelská akce, [405], [237508],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}|APPNAME, Žádná uživatelská akce, [405], [237509],1.0.7411
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|TORNTV V9.0-BG.EXE, Žádná uživatelská akce, [1822], [260099],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{006a4fea-beb5-4088-8a7c-c9edafdee1b2}|APPNAME, Žádná uživatelská akce, [405], [237508],1.0.7411
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2ff9696a-d071-4724-8df3-70023ac634b7}|APPNAME, Žádná uživatelská akce, [405], [237509],1.0.7411

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: zpomalený a zasekávající se notebook

#12 Příspěvek od Rudy »

Nalezené položky smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#13 Příspěvek od neummi »

přesunuto do karantény a pak smazáno :) bylo tam něco závažného?

neummi
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 25 lis 2007 12:55

Re: zpomalený a zasekávající se notebook

#14 Příspěvek od neummi »

bohužel se problém po cca 2h objevil znova...už opravdu nevím, co může být špatně..pořád tajně doufám, že něco objevíte a nebudu muset reinstall systému případně měnit hdd :)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: zpomalený a zasekávající se notebook

#15 Příspěvek od JaRon »

jednorazovo zaskocim:
urcite nic nepokazis ked spustis s príkazového riadku chkdsk /r
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno