Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
pomalý notebook
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
pomalý notebook
Dobrý den včera a předevčírem jsme řešili pomalý notebook, ale dnes po přihlášení na Viry.cz je vše smazáno. Vůbec nevím co se stalo.
-
Rudy
- Site Admin
- Příspěvky: 118250
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý notebook
Stalo se to, že se nám při promazávání starých vláken smazalo něco, co nebylo označeno k smazání. Pravděpodobně nějaký bug. Omluvu jsem dal do oranžového rámečku výše. Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 a řekněte, u čeho jsme skončili.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Skončili jsme u adwcleaner. Takže jestli dobře chápu začneme znovu.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2017
Ran by Terouš123 (17-08-2017 17:47:47)
Running from C:\Users\Terouš123\Desktop
Windows 8.1 Connected (Update) (X64) (2015-12-25 13:57:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3711724810-2781737708-1749865010-500 - Administrator - Disabled)
Guest (S-1-5-21-3711724810-2781737708-1749865010-501 - Limited - Disabled)
Terouš123 (S-1-5-21-3711724810-2781737708-1749865010-1001 - Administrator - Enabled) => C:\Users\Terouš123
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Code VBA 7.0 (HKLM-x32\...\{8AE205D4-0EA1-45B3-A9EB-478237C60F10}) (Version: 7.0.84 - AGORA Software BV)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 54.0.1 (x64 cs)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A568323-AC11-46D3-9F64-5545DECBA4D7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {4F0075D7-5B3D-4407-9063-CF5DF7218225} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-15] (Adobe Systems Incorporated)
Task: {51DB7C5F-14E3-40C8-B956-351739C0C78F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {532DC333-AD54-48C4-9D58-C381E0636FD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-08-14] (AVAST Software)
Task: {6AA8EB01-EF5C-4AC7-80DA-7147AB25A6F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {72F89EB0-7D62-4DD6-909D-0B3BE277BE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {79751D24-116C-4B05-8CBA-88C54ED2D4EC} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {8BFA2A2D-542E-43BD-9BCF-70EE6FD17FB4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {981CACCC-9BEB-4A48-9A23-AB6641E18B39} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {A9025FAB-1D40-4C7D-8322-69BE9E9C03C0} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {C245A1D5-1095-45C0-B794-20EACF51790A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-15] (AVAST Software)
Task: {C3873BE4-7E86-4752-9861-4EEB56D940B3} - System32\Tasks\SafeZone scheduled Autoupdate 1475857930 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {E79CB3A6-C642-4CE9-96ED-72C2B728E4BD} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Terouš123\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=d9636bd8-dcd5 ... 3d53645731
==================== Loaded Modules (Whitelisted) ==============
2015-12-26 13:48 - 2013-05-14 19:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-11-04 08:16 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-25 15:57 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\18289libfoxloader-x64.dll
2014-11-04 07:35 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-04 08:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2017-01-22 10:40 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-01-22 10:40 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-12-21 19:49 - 2016-12-21 19:49 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-04 08:23 - 2014-11-04 08:22 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-12-26 12:22 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2015-12-26 12:22 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2015-12-26 12:22 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2015-12-26 12:22 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2015-12-26 12:22 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-01-22 10:40 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\29831libfoxloader.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-22 10:40 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-12-30 15:28 - 2013-10-12 09:12 - 000985088 _____ () C:\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{67863E9F-FD6A-4D4C-BD4B-D49A63A03797}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{82406636-42CA-48DA-B448-A19B6910E1EF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{9C0D92B4-7659-47EE-87AA-A5CC1B42493E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D091BB83-1CAE-409C-AAB1-E956AA0A0F72}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F23A941D-F32D-4507-97A9-FCAF2E3C774B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9C63D51E-398A-4BEF-850B-DBBFF2671FEC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E477C070-A33A-46A0-93B6-32C7C2BBFE4A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{11A2817F-8089-43A6-A997-57C20D38E98B}] => (Allow) LPort=55100
FirewallRules: [{FAF5832C-04CF-4A8A-B7CE-A9EEFC27525B}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [TCP Query User{EE9705FF-52E4-45D0-B380-5160FBFA7B48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{322293DC-3D11-4E0A-BC4C-E1887B481594}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{615D823A-D202-46B2-94B6-A45E3B77780C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46196564-D67E-47F9-A628-56E4A586CE6D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F578AA6-7676-4548-9842-BABF9E8C1E20}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{0EC8597D-96C5-41EF-8AC3-BFE56A1F0362}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{89E30DE7-5DE7-4FB5-9769-D76EE3F02A6F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
21-06-2017 21:59:13 Windows Update
16-08-2017 16:40:52 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/17/2017 04:11:31 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 07:04:55 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Název chybujícího modulu: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001064a
ID chybujícího procesu: 0x7a8
Čas spuštění chybující aplikace: 0x01d316a7418aeccb
Cesta k chybující aplikaci: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Cesta k chybujícímu modulu: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
ID zprávy: e70d1847-829a-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/16/2017 05:51:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6b0
Čas spuštění chybující aplikace: 0x01d316a3e2772bc2
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 6a0876f9-8297-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:53:01 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/15/2017 07:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MRT.exe, verze: 5.47.13703.0, časové razítko: 0x58dec9f9
Název chybujícího modulu: combase.dll, verze: 6.3.9600.18666, časové razítko: 0x58f3203f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003b3bf
ID chybujícího procesu: 0x10dc
Čas spuštění chybující aplikace: 0x01d315ef042a8879
Cesta k chybující aplikaci: C:\Windows\System32\MRT.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\combase.dll
ID zprávy: 7bc88a4e-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6a8
Čas spuštění chybující aplikace: 0x01d315ee9674517b
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 1fc8d329-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x68c
Čas spuštění chybující aplikace: 0x01d315ec64a5250f
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: ec3eb88a-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 17.0.0.0, časové razítko: 0x52d9e32d
Název chybujícího modulu: MurocApi.dll, verze: 17.0.0.0, časové razítko: 0x52d9e279
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002bd48
ID chybujícího procesu: 0x8f8
Čas spuštění chybující aplikace: 0x01d315ec6889c80f
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: d41761d2-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:57:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LUService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2015-12-25 14:20:05.007
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\VDWFP64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3979.21 MB
Available physical RAM: 1889.32 MB
Total Virtual: 4811.21 MB
Available Virtual: 2575.39 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:350.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 662C5828)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Terouš123 (17-08-2017 17:47:47)
Running from C:\Users\Terouš123\Desktop
Windows 8.1 Connected (Update) (X64) (2015-12-25 13:57:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3711724810-2781737708-1749865010-500 - Administrator - Disabled)
Guest (S-1-5-21-3711724810-2781737708-1749865010-501 - Limited - Disabled)
Terouš123 (S-1-5-21-3711724810-2781737708-1749865010-1001 - Administrator - Enabled) => C:\Users\Terouš123
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Code VBA 7.0 (HKLM-x32\...\{8AE205D4-0EA1-45B3-A9EB-478237C60F10}) (Version: 7.0.84 - AGORA Software BV)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 54.0.1 (x64 cs)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A568323-AC11-46D3-9F64-5545DECBA4D7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {4F0075D7-5B3D-4407-9063-CF5DF7218225} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-15] (Adobe Systems Incorporated)
Task: {51DB7C5F-14E3-40C8-B956-351739C0C78F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {532DC333-AD54-48C4-9D58-C381E0636FD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-08-14] (AVAST Software)
Task: {6AA8EB01-EF5C-4AC7-80DA-7147AB25A6F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {72F89EB0-7D62-4DD6-909D-0B3BE277BE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {79751D24-116C-4B05-8CBA-88C54ED2D4EC} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {8BFA2A2D-542E-43BD-9BCF-70EE6FD17FB4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {981CACCC-9BEB-4A48-9A23-AB6641E18B39} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {A9025FAB-1D40-4C7D-8322-69BE9E9C03C0} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {C245A1D5-1095-45C0-B794-20EACF51790A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-15] (AVAST Software)
Task: {C3873BE4-7E86-4752-9861-4EEB56D940B3} - System32\Tasks\SafeZone scheduled Autoupdate 1475857930 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {E79CB3A6-C642-4CE9-96ED-72C2B728E4BD} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Terouš123\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=d9636bd8-dcd5 ... 3d53645731
==================== Loaded Modules (Whitelisted) ==============
2015-12-26 13:48 - 2013-05-14 19:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-11-04 08:16 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-25 15:57 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\18289libfoxloader-x64.dll
2014-11-04 07:35 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-04 08:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2017-01-22 10:40 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-01-22 10:40 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-12-21 19:49 - 2016-12-21 19:49 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-04 08:23 - 2014-11-04 08:22 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-12-26 12:22 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2015-12-26 12:22 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2015-12-26 12:22 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2015-12-26 12:22 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2015-12-26 12:22 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-01-22 10:40 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\29831libfoxloader.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-22 10:40 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-12-30 15:28 - 2013-10-12 09:12 - 000985088 _____ () C:\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{67863E9F-FD6A-4D4C-BD4B-D49A63A03797}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{82406636-42CA-48DA-B448-A19B6910E1EF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{9C0D92B4-7659-47EE-87AA-A5CC1B42493E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D091BB83-1CAE-409C-AAB1-E956AA0A0F72}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F23A941D-F32D-4507-97A9-FCAF2E3C774B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9C63D51E-398A-4BEF-850B-DBBFF2671FEC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E477C070-A33A-46A0-93B6-32C7C2BBFE4A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{11A2817F-8089-43A6-A997-57C20D38E98B}] => (Allow) LPort=55100
FirewallRules: [{FAF5832C-04CF-4A8A-B7CE-A9EEFC27525B}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [TCP Query User{EE9705FF-52E4-45D0-B380-5160FBFA7B48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{322293DC-3D11-4E0A-BC4C-E1887B481594}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{615D823A-D202-46B2-94B6-A45E3B77780C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46196564-D67E-47F9-A628-56E4A586CE6D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F578AA6-7676-4548-9842-BABF9E8C1E20}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{0EC8597D-96C5-41EF-8AC3-BFE56A1F0362}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{89E30DE7-5DE7-4FB5-9769-D76EE3F02A6F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
21-06-2017 21:59:13 Windows Update
16-08-2017 16:40:52 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/17/2017 04:11:31 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 07:04:55 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Název chybujícího modulu: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001064a
ID chybujícího procesu: 0x7a8
Čas spuštění chybující aplikace: 0x01d316a7418aeccb
Cesta k chybující aplikaci: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Cesta k chybujícímu modulu: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
ID zprávy: e70d1847-829a-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/16/2017 05:51:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6b0
Čas spuštění chybující aplikace: 0x01d316a3e2772bc2
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 6a0876f9-8297-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:53:01 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/15/2017 07:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MRT.exe, verze: 5.47.13703.0, časové razítko: 0x58dec9f9
Název chybujícího modulu: combase.dll, verze: 6.3.9600.18666, časové razítko: 0x58f3203f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003b3bf
ID chybujícího procesu: 0x10dc
Čas spuštění chybující aplikace: 0x01d315ef042a8879
Cesta k chybující aplikaci: C:\Windows\System32\MRT.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\combase.dll
ID zprávy: 7bc88a4e-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6a8
Čas spuštění chybující aplikace: 0x01d315ee9674517b
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 1fc8d329-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x68c
Čas spuštění chybující aplikace: 0x01d315ec64a5250f
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: ec3eb88a-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 17.0.0.0, časové razítko: 0x52d9e32d
Název chybujícího modulu: MurocApi.dll, verze: 17.0.0.0, časové razítko: 0x52d9e279
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002bd48
ID chybujícího procesu: 0x8f8
Čas spuštění chybující aplikace: 0x01d315ec6889c80f
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: d41761d2-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:57:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LUService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2015-12-25 14:20:05.007
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\VDWFP64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3979.21 MB
Available physical RAM: 1889.32 MB
Total Virtual: 4811.21 MB
Available Virtual: 2575.39 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:350.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 662C5828)
Partition: GPT.
==================== End of Addition.txt ============================
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-08-2017
Ran by Terouš123 (administrator) on TEROUS (17-08-2017 17:45:34)
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-04] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-15] (AVAST Software)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
Startup: C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-12-30]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{850BF180-2DAF-4A02-9F3E-400A2921EAD9}: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{D21874A6-7CC9-4F73-95F2-D1CBF3B5346C}: [DhcpNameServer] 150.206.1.3
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {1A1EA4EB-46C6-4261-B471-C9C2E1FE7464} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=227087&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-12-30] (Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
FireFox:
========
FF ProfilePath: C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 [2017-08-17]
FF Homepage: Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\sp@avast.com.xpi [2017-06-30]
FF Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\wrc@avast.com.xpi [2017-08-17]
FF Extension: (Seznam lištička) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-08-14]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\jnxk3zh6.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-15] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-15] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-12-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default [2017-08-17]
CHR Extension: (Prezentace Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Dokumenty Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Disk Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-17]
CHR Extension: (YouTube) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-11]
CHR Extension: (Tabulky Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-14]
CHR Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-14]
CHR Extension: (Skype) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Gmail) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-17]
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-15] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-15] (AVAST Software)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-04] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-04] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-04] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [317400 2017-02-27] () [File not signed]
R2 SMService; C:\program files (x86)\iobit\Classic Start\SMService.exe [1077536 2017-01-16] (IObit)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-08-15] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-08-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-08-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-08-15] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41800 2017-08-15] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146704 2017-08-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-08-15] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-08-15] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015880 2017-08-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-08-15] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-08-15] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-08-15] (AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\system32\DRIVERS\snp2uvc.sys [2853400 2014-01-24] (Sonix Co. Ltd.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:42 - 2017-08-17 17:42 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
2017-08-17 16:09 - 2017-08-17 16:09 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-16 18:50 - 2017-08-16 18:57 - 000000000 ____D C:\AdwCleaner
2017-08-16 18:50 - 2017-08-16 18:50 - 008185288 _____ (Malwarebytes) C:\Users\Terouš123\Desktop\adwcleaner_7.0.1.0.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-16 16:43 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000987840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000485576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000690008 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2017-08-16 16:23 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-08-16 16:23 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-08-16 16:06 - 2017-08-16 16:16 - 000036772 _____ C:\Users\Terouš123\Desktop\Addition.txt
2017-08-16 16:05 - 2017-07-21 15:40 - 000518144 _____ C:\windows\SysWOW64\msjetoledb40.dll
2017-08-16 16:05 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjtes40.dll
2017-08-16 16:05 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-08-16 16:05 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-08-16 16:05 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-08-16 16:05 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-08-16 16:05 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-08-16 16:05 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-08-16 16:05 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-08-16 16:05 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-08-16 16:05 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-08-16 16:05 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-08-16 16:05 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-08-16 16:05 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-08-16 16:05 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-08-16 16:05 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-08-16 16:05 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2017-08-16 16:05 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-08-16 16:05 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-08-16 16:05 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-08-16 16:05 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2017-08-16 16:05 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrepl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstext40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msltus40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjint40.dll
2017-08-16 16:05 - 2017-06-24 18:46 - 000424448 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
2017-08-16 16:05 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-08-16 16:05 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-08-16 16:05 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-08-16 16:05 - 2017-06-13 19:51 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-08-16 16:05 - 2017-06-13 19:23 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 16:17 - 000656384 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 11:09 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-08-16 16:05 - 2017-06-13 10:22 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-08-16 16:05 - 2017-06-13 09:50 - 001547264 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2017-08-16 16:05 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2017-08-16 16:05 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:13 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\umrdp.dll
2017-08-16 16:05 - 2017-06-11 22:11 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2017-08-16 16:05 - 2017-06-11 22:02 - 002778112 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-08-16 16:05 - 2017-06-11 21:52 - 002463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-08-16 16:05 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-08-16 16:05 - 2017-06-09 15:47 - 000448629 _____ C:\windows\system32\ApnDatabase.xml
2017-08-16 16:05 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-08-16 16:05 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-08-16 16:05 - 2017-06-08 03:48 - 002457936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-08-16 16:05 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
2017-08-16 16:05 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-08-16 16:05 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2017-08-16 16:05 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
2017-08-16 16:05 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-08-16 16:05 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2017-08-16 16:05 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-08-16 16:05 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-08-16 16:05 - 2017-06-02 14:15 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 14:12 - 000468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-08-16 16:05 - 2017-06-02 14:12 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-08-16 16:05 - 2017-06-02 14:01 - 000774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-08-16 16:05 - 2017-06-02 13:03 - 000903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-08-16 16:05 - 2017-06-02 12:25 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 12:24 - 000391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-08-16 16:05 - 2017-06-02 12:17 - 000699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-08-16 16:05 - 2017-06-02 11:43 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-08-16 16:05 - 2017-05-27 18:42 - 001115136 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-08-16 16:05 - 2017-05-27 18:38 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\rdsdwmdr.dll
2017-08-16 16:05 - 2017-05-14 22:19 - 001364040 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:16 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:13 - 001559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:58 - 001985536 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:48 - 001377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-08-16 16:05 - 2017-05-12 04:18 - 003714560 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-08-16 16:05 - 2017-05-12 01:36 - 022361848 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-08-16 16:05 - 2017-05-12 01:32 - 019788672 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-08-16 16:05 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2017-08-16 16:05 - 2017-05-06 18:05 - 001094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-08-16 16:05 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-08-16 16:05 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-08-16 16:05 - 2017-04-06 18:46 - 000434688 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-08-16 16:05 - 2017-04-06 18:35 - 001362432 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-08-16 16:05 - 2017-04-06 18:15 - 000358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-08-16 16:04 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-08-16 16:04 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-08-16 16:04 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-08-16 16:04 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-08-16 16:04 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-08-16 16:04 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
2017-08-16 16:04 - 2017-07-06 10:52 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2017-08-16 16:04 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswdat10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswstr10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjter40.dll
2017-08-16 16:04 - 2017-06-24 18:16 - 000352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
2017-08-16 16:04 - 2017-06-13 19:19 - 000383488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlansec.dll
2017-08-16 16:04 - 2017-06-13 19:16 - 000024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 19:11 - 000238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 19:07 - 000304128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2017-08-16 16:04 - 2017-06-13 16:16 - 000252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-08-16 16:04 - 2017-06-13 11:47 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2017-08-16 16:04 - 2017-06-13 10:16 - 000445952 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2017-08-16 16:04 - 2017-06-13 10:10 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 10:07 - 000301568 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2017-08-16 16:04 - 2017-06-13 10:03 - 000302080 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 09:54 - 000374272 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2017-08-16 16:04 - 2017-06-12 02:14 - 000276320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-08-16 16:04 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2017-08-16 16:04 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2017-08-16 16:04 - 2017-06-11 22:02 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2017-08-16 16:04 - 2017-06-07 06:25 - 000428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-08-16 16:04 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\windows\system32\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\uudf.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\convert.exe
2017-08-16 16:04 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\windows\system32\ulib.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\windows\system32\ufat.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\uexfat.dll
2017-08-16 16:04 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\uudf.dll
2017-08-16 16:04 - 2017-06-06 20:38 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-08-16 16:04 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ulib.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ufat.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\uexfat.dll
2017-08-16 16:04 - 2017-06-06 19:44 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-08-16 16:04 - 2017-06-02 14:06 - 001001984 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-08-16 16:04 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-08-16 16:04 - 2017-05-16 00:09 - 000057688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2017-08-16 16:04 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-08-16 16:04 - 2017-05-15 21:58 - 000121184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-08-16 16:04 - 2017-05-14 21:04 - 000315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-08-16 16:04 - 2017-05-14 21:03 - 000373080 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-08-16 16:04 - 2017-05-14 20:13 - 000136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-08-16 16:04 - 2017-05-12 19:05 - 000035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-08-16 16:04 - 2017-05-12 17:51 - 000029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-08-16 16:04 - 2017-05-12 17:50 - 000124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 17:48 - 000081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-08-16 16:04 - 2017-05-12 17:47 - 000726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-08-16 16:04 - 2017-05-12 06:10 - 000044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-08-16 16:04 - 2017-05-12 04:11 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-08-16 16:04 - 2017-05-12 04:10 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 04:07 - 000409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2017-08-16 16:04 - 2017-05-12 04:06 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-08-16 16:04 - 2017-05-12 04:04 - 000897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-08-16 16:04 - 2017-05-12 04:00 - 002240512 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-08-16 16:04 - 2017-05-10 20:19 - 000101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-08-16 16:04 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\windows\system32\snmptrap.exe
2017-08-16 16:04 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\windows\system32\DAFWSD.dll
2017-08-16 16:04 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
2017-08-16 16:04 - 2017-05-06 18:04 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-08-16 16:04 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-08-16 16:04 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\windows\system32\smbwmiv2.dll
2017-08-16 16:04 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2017-08-16 16:04 - 2017-04-30 18:48 - 000080078 _____ C:\windows\system32\normidna.nls
2017-08-16 16:04 - 2017-04-06 19:16 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2017-08-16 16:04 - 2017-04-06 17:44 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2017-08-16 16:04 - 2017-04-02 16:49 - 000186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-08-16 16:01 - 2017-08-17 17:46 - 000021904 _____ C:\Users\Terouš123\Desktop\FRST.txt
2017-08-16 16:00 - 2017-08-17 17:45 - 000000000 ____D C:\FRST
2017-08-16 15:58 - 2017-08-16 15:59 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64.exe
2017-08-15 19:43 - 2017-08-15 19:43 - 000400464 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-08-15 19:36 - 2017-08-15 19:36 - 021540440 _____ (Malwarebytes Corporation ) C:\Users\Terouš123\Downloads\mbam-setup-2.1.4.1018.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:02 - 2016-11-19 21:54 - 000000000 ____D C:\Users\Terouš123\AppData\LocalLow\Mozilla
2017-08-17 16:32 - 2015-12-25 16:05 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3711724810-2781737708-1749865010-1001
2017-08-17 16:17 - 2015-12-25 16:06 - 000003978 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{DBBDB273-5971-4326-B3B7-80ACE8186A1C}
2017-08-17 16:14 - 2017-01-22 10:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\Seznam.cz
2017-08-17 16:14 - 2015-12-26 13:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-08-17 16:07 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-08-16 19:51 - 2014-11-04 08:23 - 000004608 _____ C:\windows\system32\VfService.trf
2017-08-16 19:50 - 2017-06-30 14:23 - 000000248 _____ C:\windows\Tasks\StartMenu8_Start.job
2017-08-16 19:44 - 2017-04-19 23:46 - 000000000 ____D C:\Users\Terouš123\AppData\Local\ElevatedDiagnostics
2017-08-16 19:12 - 2014-11-04 07:43 - 000000000 ____D C:\Program Files (x86)\Lenovo
2017-08-16 19:11 - 2015-12-25 16:07 - 000001283 _____ C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2017-08-16 19:06 - 2014-11-04 08:07 - 000740822 _____ C:\windows\system32\perfh005.dat
2017-08-16 19:06 - 2014-11-04 08:07 - 000151948 _____ C:\windows\system32\perfc005.dat
2017-08-16 19:06 - 2014-03-18 11:53 - 001748728 _____ C:\windows\system32\PerfStringBackup.INI
2017-08-16 19:06 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-08-16 18:57 - 2015-12-25 15:40 - 000000000 ____D C:\ProgramData\IObit
2017-08-16 18:55 - 2015-12-25 15:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\IObit
2017-08-16 17:43 - 2017-03-27 11:30 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-16 17:43 - 2016-10-07 18:32 - 000003888 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1475857930
2017-08-16 17:25 - 2013-08-22 16:44 - 000494464 _____ C:\windows\system32\FNTCACHE.DAT
2017-08-16 17:20 - 2016-01-31 23:11 - 000000000 ____D C:\windows\system32\appraiser
2017-08-16 17:20 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-08-16 17:12 - 2015-12-25 15:58 - 000000000 ____D C:\Users\Terouš123\AppData\Local\Packages
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-08-16 17:08 - 2013-08-22 15:25 - 000000167 _____ C:\windows\win.ini
2017-08-16 17:06 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-08-16 16:58 - 2015-12-27 15:45 - 000000000 ____D C:\windows\system32\MRT
2017-08-16 16:52 - 2015-12-27 15:45 - 140394280 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-08-16 16:18 - 2017-04-11 19:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-16 16:18 - 2017-04-11 19:35 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-15 19:46 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-08-15 19:44 - 2017-02-11 12:06 - 000003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-08-15 19:44 - 2015-12-25 16:22 - 001015880 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146704 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146696 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906668707
2017-08-15 19:43 - 2015-12-25 16:22 - 000585608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000361336 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000198768 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906106203
2017-08-15 19:43 - 2015-12-25 16:22 - 000110352 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000084392 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000046984 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-08-15 19:43 - 2015-12-25 16:20 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-15 19:42 - 2017-02-11 12:06 - 000343288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000320008 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000198976 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000057728 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys
2017-08-15 19:42 - 2016-10-02 12:50 - 000041800 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-08-15 19:42 - 2015-12-25 23:15 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-08-15 19:42 - 2015-12-25 16:22 - 001015848 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.150281906668707
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-08-15 19:37 - 2015-12-25 15:39 - 000000000 ____D C:\ProgramData\ProductData
2017-08-15 19:30 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-15 19:21 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Files in the root of some directories =======
2014-11-04 07:35 - 2014-11-04 07:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-08-16 19:12 - 2017-08-16 19:12 - 000000086 _____ () C:\ProgramData\log_for_LU.txt
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-16 16:40
==================== End of FRST.txt ============================
Ran by Terouš123 (administrator) on TEROUS (17-08-2017 17:45:34)
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-04] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-15] (AVAST Software)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
Startup: C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-12-30]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{850BF180-2DAF-4A02-9F3E-400A2921EAD9}: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{D21874A6-7CC9-4F73-95F2-D1CBF3B5346C}: [DhcpNameServer] 150.206.1.3
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {1A1EA4EB-46C6-4261-B471-C9C2E1FE7464} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=227087&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-12-30] (Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
FireFox:
========
FF ProfilePath: C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 [2017-08-17]
FF Homepage: Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\sp@avast.com.xpi [2017-06-30]
FF Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\wrc@avast.com.xpi [2017-08-17]
FF Extension: (Seznam lištička) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-08-14]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\jnxk3zh6.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-15] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-15] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-12-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default [2017-08-17]
CHR Extension: (Prezentace Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Dokumenty Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Disk Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-17]
CHR Extension: (YouTube) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-11]
CHR Extension: (Tabulky Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-14]
CHR Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-14]
CHR Extension: (Skype) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Gmail) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-17]
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-15] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-15] (AVAST Software)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-04] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-04] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-04] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [317400 2017-02-27] () [File not signed]
R2 SMService; C:\program files (x86)\iobit\Classic Start\SMService.exe [1077536 2017-01-16] (IObit)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-08-15] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-08-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-08-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-08-15] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41800 2017-08-15] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146704 2017-08-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-08-15] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-08-15] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015880 2017-08-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-08-15] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-08-15] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-08-15] (AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\system32\DRIVERS\snp2uvc.sys [2853400 2014-01-24] (Sonix Co. Ltd.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:42 - 2017-08-17 17:42 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
2017-08-17 16:09 - 2017-08-17 16:09 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-16 18:50 - 2017-08-16 18:57 - 000000000 ____D C:\AdwCleaner
2017-08-16 18:50 - 2017-08-16 18:50 - 008185288 _____ (Malwarebytes) C:\Users\Terouš123\Desktop\adwcleaner_7.0.1.0.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-16 16:43 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000987840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000485576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000690008 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2017-08-16 16:23 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-08-16 16:23 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-08-16 16:06 - 2017-08-16 16:16 - 000036772 _____ C:\Users\Terouš123\Desktop\Addition.txt
2017-08-16 16:05 - 2017-07-21 15:40 - 000518144 _____ C:\windows\SysWOW64\msjetoledb40.dll
2017-08-16 16:05 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjtes40.dll
2017-08-16 16:05 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-08-16 16:05 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-08-16 16:05 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-08-16 16:05 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-08-16 16:05 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-08-16 16:05 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-08-16 16:05 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-08-16 16:05 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-08-16 16:05 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-08-16 16:05 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-08-16 16:05 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-08-16 16:05 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-08-16 16:05 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-08-16 16:05 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-08-16 16:05 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2017-08-16 16:05 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-08-16 16:05 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-08-16 16:05 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-08-16 16:05 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2017-08-16 16:05 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrepl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstext40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msltus40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjint40.dll
2017-08-16 16:05 - 2017-06-24 18:46 - 000424448 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
2017-08-16 16:05 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-08-16 16:05 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-08-16 16:05 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-08-16 16:05 - 2017-06-13 19:51 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-08-16 16:05 - 2017-06-13 19:23 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 16:17 - 000656384 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 11:09 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-08-16 16:05 - 2017-06-13 10:22 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-08-16 16:05 - 2017-06-13 09:50 - 001547264 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2017-08-16 16:05 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2017-08-16 16:05 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:13 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\umrdp.dll
2017-08-16 16:05 - 2017-06-11 22:11 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2017-08-16 16:05 - 2017-06-11 22:02 - 002778112 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-08-16 16:05 - 2017-06-11 21:52 - 002463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-08-16 16:05 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-08-16 16:05 - 2017-06-09 15:47 - 000448629 _____ C:\windows\system32\ApnDatabase.xml
2017-08-16 16:05 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-08-16 16:05 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-08-16 16:05 - 2017-06-08 03:48 - 002457936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-08-16 16:05 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
2017-08-16 16:05 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-08-16 16:05 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2017-08-16 16:05 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
2017-08-16 16:05 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-08-16 16:05 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2017-08-16 16:05 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-08-16 16:05 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-08-16 16:05 - 2017-06-02 14:15 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 14:12 - 000468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-08-16 16:05 - 2017-06-02 14:12 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-08-16 16:05 - 2017-06-02 14:01 - 000774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-08-16 16:05 - 2017-06-02 13:03 - 000903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-08-16 16:05 - 2017-06-02 12:25 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 12:24 - 000391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-08-16 16:05 - 2017-06-02 12:17 - 000699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-08-16 16:05 - 2017-06-02 11:43 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-08-16 16:05 - 2017-05-27 18:42 - 001115136 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-08-16 16:05 - 2017-05-27 18:38 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\rdsdwmdr.dll
2017-08-16 16:05 - 2017-05-14 22:19 - 001364040 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:16 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:13 - 001559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:58 - 001985536 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:48 - 001377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-08-16 16:05 - 2017-05-12 04:18 - 003714560 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-08-16 16:05 - 2017-05-12 01:36 - 022361848 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-08-16 16:05 - 2017-05-12 01:32 - 019788672 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-08-16 16:05 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2017-08-16 16:05 - 2017-05-06 18:05 - 001094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-08-16 16:05 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-08-16 16:05 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-08-16 16:05 - 2017-04-06 18:46 - 000434688 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-08-16 16:05 - 2017-04-06 18:35 - 001362432 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-08-16 16:05 - 2017-04-06 18:15 - 000358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-08-16 16:04 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-08-16 16:04 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-08-16 16:04 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-08-16 16:04 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-08-16 16:04 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-08-16 16:04 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
2017-08-16 16:04 - 2017-07-06 10:52 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2017-08-16 16:04 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswdat10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswstr10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjter40.dll
2017-08-16 16:04 - 2017-06-24 18:16 - 000352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
2017-08-16 16:04 - 2017-06-13 19:19 - 000383488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlansec.dll
2017-08-16 16:04 - 2017-06-13 19:16 - 000024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 19:11 - 000238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 19:07 - 000304128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2017-08-16 16:04 - 2017-06-13 16:16 - 000252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-08-16 16:04 - 2017-06-13 11:47 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2017-08-16 16:04 - 2017-06-13 10:16 - 000445952 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2017-08-16 16:04 - 2017-06-13 10:10 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 10:07 - 000301568 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2017-08-16 16:04 - 2017-06-13 10:03 - 000302080 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 09:54 - 000374272 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2017-08-16 16:04 - 2017-06-12 02:14 - 000276320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-08-16 16:04 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2017-08-16 16:04 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2017-08-16 16:04 - 2017-06-11 22:02 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2017-08-16 16:04 - 2017-06-07 06:25 - 000428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-08-16 16:04 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\windows\system32\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\uudf.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\convert.exe
2017-08-16 16:04 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\windows\system32\ulib.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\windows\system32\ufat.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\uexfat.dll
2017-08-16 16:04 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\uudf.dll
2017-08-16 16:04 - 2017-06-06 20:38 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-08-16 16:04 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ulib.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ufat.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\uexfat.dll
2017-08-16 16:04 - 2017-06-06 19:44 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-08-16 16:04 - 2017-06-02 14:06 - 001001984 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-08-16 16:04 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-08-16 16:04 - 2017-05-16 00:09 - 000057688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2017-08-16 16:04 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-08-16 16:04 - 2017-05-15 21:58 - 000121184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-08-16 16:04 - 2017-05-14 21:04 - 000315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-08-16 16:04 - 2017-05-14 21:03 - 000373080 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-08-16 16:04 - 2017-05-14 20:13 - 000136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-08-16 16:04 - 2017-05-12 19:05 - 000035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-08-16 16:04 - 2017-05-12 17:51 - 000029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-08-16 16:04 - 2017-05-12 17:50 - 000124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 17:48 - 000081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-08-16 16:04 - 2017-05-12 17:47 - 000726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-08-16 16:04 - 2017-05-12 06:10 - 000044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-08-16 16:04 - 2017-05-12 04:11 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-08-16 16:04 - 2017-05-12 04:10 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 04:07 - 000409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2017-08-16 16:04 - 2017-05-12 04:06 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-08-16 16:04 - 2017-05-12 04:04 - 000897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-08-16 16:04 - 2017-05-12 04:00 - 002240512 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-08-16 16:04 - 2017-05-10 20:19 - 000101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-08-16 16:04 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\windows\system32\snmptrap.exe
2017-08-16 16:04 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\windows\system32\DAFWSD.dll
2017-08-16 16:04 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
2017-08-16 16:04 - 2017-05-06 18:04 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-08-16 16:04 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-08-16 16:04 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\windows\system32\smbwmiv2.dll
2017-08-16 16:04 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2017-08-16 16:04 - 2017-04-30 18:48 - 000080078 _____ C:\windows\system32\normidna.nls
2017-08-16 16:04 - 2017-04-06 19:16 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2017-08-16 16:04 - 2017-04-06 17:44 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2017-08-16 16:04 - 2017-04-02 16:49 - 000186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-08-16 16:01 - 2017-08-17 17:46 - 000021904 _____ C:\Users\Terouš123\Desktop\FRST.txt
2017-08-16 16:00 - 2017-08-17 17:45 - 000000000 ____D C:\FRST
2017-08-16 15:58 - 2017-08-16 15:59 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64.exe
2017-08-15 19:43 - 2017-08-15 19:43 - 000400464 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-08-15 19:36 - 2017-08-15 19:36 - 021540440 _____ (Malwarebytes Corporation ) C:\Users\Terouš123\Downloads\mbam-setup-2.1.4.1018.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:02 - 2016-11-19 21:54 - 000000000 ____D C:\Users\Terouš123\AppData\LocalLow\Mozilla
2017-08-17 16:32 - 2015-12-25 16:05 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3711724810-2781737708-1749865010-1001
2017-08-17 16:17 - 2015-12-25 16:06 - 000003978 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{DBBDB273-5971-4326-B3B7-80ACE8186A1C}
2017-08-17 16:14 - 2017-01-22 10:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\Seznam.cz
2017-08-17 16:14 - 2015-12-26 13:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-08-17 16:07 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-08-16 19:51 - 2014-11-04 08:23 - 000004608 _____ C:\windows\system32\VfService.trf
2017-08-16 19:50 - 2017-06-30 14:23 - 000000248 _____ C:\windows\Tasks\StartMenu8_Start.job
2017-08-16 19:44 - 2017-04-19 23:46 - 000000000 ____D C:\Users\Terouš123\AppData\Local\ElevatedDiagnostics
2017-08-16 19:12 - 2014-11-04 07:43 - 000000000 ____D C:\Program Files (x86)\Lenovo
2017-08-16 19:11 - 2015-12-25 16:07 - 000001283 _____ C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2017-08-16 19:06 - 2014-11-04 08:07 - 000740822 _____ C:\windows\system32\perfh005.dat
2017-08-16 19:06 - 2014-11-04 08:07 - 000151948 _____ C:\windows\system32\perfc005.dat
2017-08-16 19:06 - 2014-03-18 11:53 - 001748728 _____ C:\windows\system32\PerfStringBackup.INI
2017-08-16 19:06 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-08-16 18:57 - 2015-12-25 15:40 - 000000000 ____D C:\ProgramData\IObit
2017-08-16 18:55 - 2015-12-25 15:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\IObit
2017-08-16 17:43 - 2017-03-27 11:30 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-16 17:43 - 2016-10-07 18:32 - 000003888 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1475857930
2017-08-16 17:25 - 2013-08-22 16:44 - 000494464 _____ C:\windows\system32\FNTCACHE.DAT
2017-08-16 17:20 - 2016-01-31 23:11 - 000000000 ____D C:\windows\system32\appraiser
2017-08-16 17:20 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-08-16 17:12 - 2015-12-25 15:58 - 000000000 ____D C:\Users\Terouš123\AppData\Local\Packages
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-08-16 17:08 - 2013-08-22 15:25 - 000000167 _____ C:\windows\win.ini
2017-08-16 17:06 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-08-16 16:58 - 2015-12-27 15:45 - 000000000 ____D C:\windows\system32\MRT
2017-08-16 16:52 - 2015-12-27 15:45 - 140394280 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-08-16 16:18 - 2017-04-11 19:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-16 16:18 - 2017-04-11 19:35 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-15 19:46 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-08-15 19:44 - 2017-02-11 12:06 - 000003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-08-15 19:44 - 2015-12-25 16:22 - 001015880 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146704 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146696 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906668707
2017-08-15 19:43 - 2015-12-25 16:22 - 000585608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000361336 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000198768 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906106203
2017-08-15 19:43 - 2015-12-25 16:22 - 000110352 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000084392 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000046984 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-08-15 19:43 - 2015-12-25 16:20 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-15 19:42 - 2017-02-11 12:06 - 000343288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000320008 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000198976 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000057728 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys
2017-08-15 19:42 - 2016-10-02 12:50 - 000041800 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-08-15 19:42 - 2015-12-25 23:15 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-08-15 19:42 - 2015-12-25 16:22 - 001015848 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.150281906668707
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-08-15 19:37 - 2015-12-25 15:39 - 000000000 ____D C:\ProgramData\ProductData
2017-08-15 19:30 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-15 19:21 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Files in the root of some directories =======
2014-11-04 07:35 - 2014-11-04 07:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-08-16 19:12 - 2017-08-16 19:12 - 000000086 _____ () C:\ProgramData\log_for_LU.txt
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-16 16:40
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118250
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý notebook
OK, dík za připomenutí. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
C:\windows\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-08-2017
Ran by Terouš123 (17-08-2017 19:13:59) Run:1
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
C:\windows\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5375676-c050-11e5-8275-d07e352270ad} => key removed successfully
HKLM\Software\Classes\CLSID\{b5375676-c050-11e5-8275-d07e352270ad} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key removed successfully
HKLM\Software\Classes\CLSID\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key not found.
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
=========== EmptyTemp: ==========
BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7529789 B
Java, Flash, Steam htmlcache => 540 B
Windows/system/drivers => 69277789 B
Edge => 0 B
Chrome => 17643853 B
Firefox => 217072956 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1265898 B
systemprofile32 => 1006953 B
LocalService => 7936 B
NetworkService => 0 B
Terouš123 => 38159217 B
RecycleBin => 21542658 B
EmptyTemp: => 368.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:15:05 ====
Ran by Terouš123 (17-08-2017 19:13:59) Run:1
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
C:\windows\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5375676-c050-11e5-8275-d07e352270ad} => key removed successfully
HKLM\Software\Classes\CLSID\{b5375676-c050-11e5-8275-d07e352270ad} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key removed successfully
HKLM\Software\Classes\CLSID\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key not found.
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
=========== EmptyTemp: ==========
BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7529789 B
Java, Flash, Steam htmlcache => 540 B
Windows/system/drivers => 69277789 B
Edge => 0 B
Chrome => 17643853 B
Firefox => 217072956 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1265898 B
systemprofile32 => 1006953 B
LocalService => 7936 B
NetworkService => 0 B
Terouš123 => 38159217 B
RecycleBin => 21542658 B
EmptyTemp: => 368.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:15:05 ====
-
Rudy
- Site Admin
- Příspěvky: 118250
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý notebook
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
ne, vše strašně dlouho trvá než se načte. To je prostě o nervy 
-
Rudy
- Site Admin
- Příspěvky: 118250
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý notebook
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 18.08.17
Čas skenování: 16:05
Logovací soubor: já.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.160
Aktualizovat verzi balíku komponent: 1.0.2612
Licence: Zkušební
-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: TEROUS\Terou\u00c5\u00a1123
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 326131
Zjištěné hrozby: 3
Hrozby umístěné do karantény: 3
Uplynulý čas: 7 min, 15 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}, V karanténě, [627], [243431],1.0.2612
Hodnota v registru: 2
PUP.Optional.DeskCut, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|DESKCUTV2@GMAIL.COM, V karanténě, [11140], [237725],1.0.2612
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}|URL, V karanténě, [627], [243431],1.0.2612
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 18.08.17
Čas skenování: 16:05
Logovací soubor: já.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.160
Aktualizovat verzi balíku komponent: 1.0.2612
Licence: Zkušební
-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: TEROUS\Terou\u00c5\u00a1123
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 326131
Zjištěné hrozby: 3
Hrozby umístěné do karantény: 3
Uplynulý čas: 7 min, 15 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}, V karanténě, [627], [243431],1.0.2612
Hodnota v registru: 2
PUP.Optional.DeskCut, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|DESKCUTV2@GMAIL.COM, V karanténě, [11140], [237725],1.0.2612
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}|URL, V karanténě, [627], [243431],1.0.2612
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118250
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý notebook
Všechny nálezy MBAM smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Smazáno
-
Rudy
- Site Admin
- Příspěvky: 118250
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: pomalý notebook
Změnilo se něco nyní?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
terka123456
- Návštěvník
- Příspěvky: 17
- Registrován: 15 srp 2017 19:10
Re: pomalý notebook
Je to rychlejší a už se neseká. Je ještě nějaká rada nebo pomoc jak to více zrychlit.
Přispějete na provoz fóra?