Ads in Chrome

funkymusic
Model visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Ads in Chrome

#1 Post by funkymusic »

Asking for help: ads keep popping up in Chrome for my friend. I'm sending the log. Thanks a lot.

Logfile of random's system information tool 1.10 (written by random/random)
Run by User at 2019-03-11 22:23:55
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 360 GB (83%) free of 435 GB
Total RAM: 3979 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:24:12, on 11. 3. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
C:\Program Files\trend micro\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKCU\..\RunOnce: [Adobe Speed Launcher] 1552320585
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 10919 bytes

======Listing Processes======





wininit.exe

winlogon.exe


C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 76106227280

\??\C:\windows\system32\conhost.exe 0x4
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
"C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\windows\system32\CxAudMsg64.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
dashost.exe {76c9270a-4add-4126-ae166e3d81c4e3b8}
"C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\SearchIndexer.exe /Embedding
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-319a7e97-1c2c-4493-8eaa-bf050a995de2 -SystemEventPortName:HostProcess-b59cdf0b-79fd-4515-a86b-de5ed8ea80a2 -IoCancelEventPortName:HostProcess-1145f321-98ac-4d30-ae4e-8ff67fe7349b -NonStateChangingEventPortName:HostProcess-3e9a8690-1f28-4aa5-ae3d-44cdfb5b5221 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ebe6b187-d5ca-437e-8049-d0326e156d36 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\Windows\System32\rundll32.exe" "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AvastUI.exe /nogui

C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe

"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
adb fork-server server
"C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe"
"C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe" --type=renderer --disable-breakpad --disable-desktop-notifications --disable-logging --disable-speech-input --lang=en-US --force-fieldtrials=AsyncDns/disabled/ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/ForceCompositingMode/disable/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/InfiniteCache/No/OmniboxDisallowInlineHQP/Standard/OmniboxSearchSuggest/0/OneClickSignIn/Standard/Prefetch/ContentPrefetchPrefetchOff/Prerender/PrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpeculativePrefetchingLearning/SpeculativePrefetchingLearningEnabled/UMA-Session-Randomized-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-1-Percent/default/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-20-Percent/default/UMA-Uniformity-Trial-5-Percent/default/UMA-Uniformity-Trial-50-Percent/default/WarmSocketImpact/last_accessed_socket/ --noerrdialogs --disable-client-side-phishing-detection --disable-bundled-ppapi-flash --channel="4488.2.859828226\1292611584" /prefetch:3
"C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe"
C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "0xde4_0xb3c_0x67e7bd4f"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\User\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\User\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=72.0.3626.121 --initial-client-data=0x118,0x11c,0x120,0x114,0x124,0x7ffc59d85510,0x7ffc59d85520,0x7ffc59d85530
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6004 --on-initialized-event-handle=476 --parent-handle=480 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1420,13276462872505924702,8779907596516604972,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=6633463011538738176 --mojo-platform-channel-handle=1424 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1420,13276462872505924702,8779907596516604972,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=2375023507687106921 --mojo-platform-channel-handle=1408 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,13276462872505924702,8779907596516604972,131072 --service-pipe-token=14575457297065530673 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=14575457297065530673 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2444 /prefetch:1
C:\windows\system32\DllHost.exe /Processid:{478B41E6-3257-4519-BDA8-E971F9843849}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1420,13276462872505924702,8779907596516604972,131072 --service-pipe-token=17065931104161324763 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=1 --service-request-channel-token=17065931104161324763 --renderer-client-id=70 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2220 /prefetch:1

"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-c2039ff7-3a5f-4673-8d80-51a28dcf2765 -SystemEventPortName:HostProcess-d57a3aa0-8536-40cb-b7d4-1dc0fe7c34e1 -IoCancelEventPortName:HostProcess-510affeb-f750-4cff-92a3-b490ef0809f1 -NonStateChangingEventPortName:HostProcess-f9a72560-83ee-442a-88ce-6d321ef506ba -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cf6ed6c6-694b-480f-9c40-101ee78b5913 -DeviceGroupId:WpdFsGroup
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\User\Desktop\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-04 553896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-04 211880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-03-04 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-03-04 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"BTMTrayAgent"=C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [2013-11-07 7818552]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-09-18 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-09-18 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-09-18 10841584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-02-26 31344744]
"cz.seznam.software.autoupdate"=C:\Users\User\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [2016-10-27 568904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"=C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [2018-12-20 8992976]
"Adobe Speed Launcher"=1552320585 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-18 271744]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-03 1021128]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-02-17 259976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDWFP]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-03-11 22:23:55 ----D---- C:\rsit
2019-03-11 22:23:55 ----D---- C:\Program Files\trend micro
2019-03-06 21:44:52 ----N---- C:\windows\SYSWOW64\XY_gdiplus.dll
2019-03-06 21:44:51 ----N---- C:\windows\SYSWOW64\XY_quartz.dll
2019-03-06 21:44:51 ----N---- C:\windows\SYSWOW64\XY_qedit.dll
2019-03-06 21:43:41 ----D---- C:\Program Files (x86)\VideoViewer
2019-03-06 21:42:57 ----A---- C:\psapi.dll
2019-03-06 21:42:52 ----A---- C:\windows\SYSWOW64\swscale-2.5.101.dll
2019-03-06 21:42:50 ----A---- C:\windows\SYSWOW64\msvcr71d.dll
2019-03-06 21:42:50 ----A---- C:\windows\SYSWOW64\msvcp71d.dll
2019-03-06 21:42:50 ----A---- C:\windows\SYSWOW64\avutil-52.49.100.dll
2019-03-06 21:42:50 ----A---- C:\windows\SYSWOW64\avformat-55.21.100.dll
2019-03-06 21:42:50 ----A---- C:\windows\SYSWOW64\avcodec-55.40.101.dll
2019-03-06 21:42:49 ----A---- C:\windows\SYSWOW64\libAvcAvi.dll
2019-03-06 21:42:49 ----A---- C:\windows\SYSWOW64\ijl20.dll
2019-03-06 21:42:47 ----A---- C:\windows\SYSWOW64\swscale-3.1.801.dll
2019-03-06 21:42:47 ----A---- C:\windows\SYSWOW64\Deinterlace.dll
2019-03-06 21:42:47 ----A---- C:\windows\SYSWOW64\avutil-54.20.800.dll
2019-03-06 21:42:47 ----A---- C:\windows\SYSWOW64\avformat-56.25.801.dll
2019-03-06 21:42:47 ----A---- C:\windows\SYSWOW64\avcodec-56.26.800.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_RTSP.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_PB.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_NATT.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_MPEG4.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_LIVE_DLL.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_JPEG.dll
2019-03-06 21:42:42 ----A---- C:\windows\SYSWOW64\AVC_H264.dll
2019-02-17 22:18:41 ----D---- C:\Users\User\AppData\Roaming\AVAST Software
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswVmm.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswStm.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswSP.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswSnx.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswRvrt.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswRdr2.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswMonFlt.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswKbd.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswHdsKe.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswbuniv.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswblog.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswbidsh.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswbidsdriver.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswArPot.sys
2019-02-17 22:14:26 ----A---- C:\windows\system32\drivers\aswArDisk.sys
2019-02-17 22:14:00 ----A---- C:\windows\system32\aswBoot.exe
2019-02-17 22:13:57 ----D---- C:\Program Files\Common Files\AVAST Software
2019-02-17 22:12:11 ----D---- C:\Program Files\AVAST Software
2019-02-17 22:11:34 ----D---- C:\ProgramData\AVAST Software
2019-02-15 19:42:08 ----A---- C:\windows\SYSWOW64\iertutil.dll
2019-02-15 19:42:08 ----A---- C:\windows\system32\iertutil.dll
2019-02-15 19:42:06 ----A---- C:\windows\SYSWOW64\vbscript.dll
2019-02-15 19:42:06 ----A---- C:\windows\SYSWOW64\urlmon.dll
2019-02-15 19:42:06 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2019-02-15 19:42:06 ----A---- C:\windows\system32\ie4uinit.exe
2019-02-15 19:42:05 ----A---- C:\windows\SYSWOW64\mshtml.dll
2019-02-15 19:42:05 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2019-02-15 19:42:03 ----A---- C:\windows\system32\urlmon.dll
2019-02-15 19:42:03 ----A---- C:\windows\system32\iedkcs32.dll
2019-02-15 19:42:02 ----A---- C:\windows\SYSWOW64\jscript.dll
2019-02-15 19:42:02 ----A---- C:\windows\system32\vbscript.dll
2019-02-15 19:42:02 ----A---- C:\windows\system32\msfeeds.dll
2019-02-15 19:42:01 ----A---- C:\windows\SYSWOW64\ieframe.dll
2019-02-15 19:42:00 ----A---- C:\windows\SYSWOW64\webcheck.dll
2019-02-15 19:42:00 ----A---- C:\windows\SYSWOW64\jscript9.dll
2019-02-15 19:41:59 ----A---- C:\windows\SYSWOW64\wininet.dll
2019-02-15 19:41:59 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2019-02-15 19:41:58 ----A---- C:\windows\SYSWOW64\msxml6.dll
2019-02-15 19:41:58 ----A---- C:\windows\system32\jscript.dll
2019-02-15 19:41:57 ----A---- C:\windows\system32\webcheck.dll
2019-02-15 19:41:57 ----A---- C:\windows\system32\ieframe.dll
2019-02-15 19:41:56 ----A---- C:\windows\system32\jscript9.dll
2019-02-15 19:41:56 ----A---- C:\windows\system32\inetcomm.dll
2019-02-15 19:41:55 ----A---- C:\windows\system32\wininet.dll
2019-02-15 19:41:55 ----A---- C:\windows\system32\msxml6.dll
2019-02-15 19:41:54 ----A---- C:\windows\system32\ntoskrnl.exe
2019-02-15 19:41:53 ----A---- C:\windows\system32\mshtml.dll
2019-02-15 19:41:46 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2019-02-15 19:41:46 ----A---- C:\windows\system32\ieapfltr.dll
2019-02-15 19:41:45 ----A---- C:\windows\SYSWOW64\msi.dll
2019-02-15 19:41:45 ----A---- C:\windows\system32\combase.dll
2019-02-15 19:41:44 ----A---- C:\windows\SYSWOW64\Windows.Web.dll
2019-02-15 19:41:44 ----A---- C:\windows\system32\msi.dll
2019-02-15 19:41:43 ----A---- C:\windows\SYSWOW64\combase.dll
2019-02-15 19:41:43 ----A---- C:\windows\system32\Windows.Web.dll
2019-02-15 19:41:43 ----A---- C:\windows\system32\lsasrv.dll
2019-02-15 19:41:42 ----A---- C:\windows\SYSWOW64\authui.dll
2019-02-15 19:41:42 ----A---- C:\windows\system32\authui.dll
2019-02-15 19:41:41 ----A---- C:\windows\system32\GdiPlus.dll
2019-02-15 19:41:40 ----A---- C:\windows\system32\winhttp.dll
2019-02-15 19:41:40 ----A---- C:\windows\system32\drivers\ntfs.sys
2019-02-15 19:41:39 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2019-02-15 19:41:37 ----A---- C:\windows\SYSWOW64\winhttp.dll
2019-02-15 19:41:37 ----A---- C:\windows\SYSWOW64\msrd3x40.dll
2019-02-15 19:41:37 ----A---- C:\windows\system32\ucrtbase.dll
2019-02-15 19:41:37 ----A---- C:\windows\system32\drivers\srv2.sys
2019-02-15 19:41:36 ----A---- C:\windows\SYSWOW64\msjet40.dll
2019-02-15 19:41:36 ----A---- C:\windows\system32\win32k.sys
2019-02-15 19:41:35 ----A---- C:\windows\SYSWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 19:41:35 ----A---- C:\windows\SYSWOW64\msrd2x40.dll
2019-02-15 19:41:34 ----A---- C:\windows\SYSWOW64\mf3216.dll
2019-02-15 19:41:34 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2019-02-15 19:41:34 ----A---- C:\windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 19:41:34 ----A---- C:\windows\system32\GlobCollationHost.dll
2019-02-15 19:41:33 ----A---- C:\windows\SYSWOW64\itss.dll
2019-02-15 19:41:33 ----A---- C:\windows\system32\msv1_0.dll
2019-02-15 19:41:33 ----A---- C:\windows\system32\mf3216.dll
2019-02-15 19:41:33 ----A---- C:\windows\system32\itss.dll
2019-02-15 19:41:33 ----A---- C:\windows\system32\drivers\tm.sys
2019-02-15 19:41:32 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2019-02-15 19:41:32 ----A---- C:\windows\system32\drivers\wanarp.sys
2019-02-15 19:41:32 ----A---- C:\windows\system32\drivers\srvnet.sys
2019-02-15 19:41:32 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2019-02-15 19:41:31 ----AC---- C:\windows\system32\drivers\hidparse.sys
2019-02-15 19:41:24 ----A---- C:\windows\system32\rpcss.dll
2019-02-15 19:41:23 ----A---- C:\windows\SYSWOW64\certcli.dll
2019-02-15 19:41:23 ----A---- C:\windows\system32\certcli.dll
2019-02-15 19:41:22 ----A---- C:\windows\SYSWOW64\kerberos.dll
2019-02-15 19:41:22 ----A---- C:\windows\system32\kerberos.dll

======List of files/folders modified in the last 1 month======

2019-03-11 22:23:55 ----RD---- C:\Program Files
2019-03-11 22:18:13 ----D---- C:\windows\Temp
2019-03-11 22:18:11 ----D---- C:\Users\User\AppData\Roaming\Skype
2019-03-11 22:00:00 ----D---- C:\windows\system32\sru
2019-03-11 18:44:11 ----SHD---- C:\System Volume Information
2019-03-11 18:29:10 ----D---- C:\ProgramData\Energy Manager
2019-03-11 17:29:09 ----D---- C:\windows\system32\config
2019-03-11 17:24:10 ----D---- C:\windows\Prefetch
2019-03-11 17:23:54 ----D---- C:\windows\Microsoft.NET
2019-03-11 17:19:20 ----D---- C:\ProgramData\LU
2019-03-11 17:17:05 ----D---- C:\windows\system32\drivers
2019-03-11 17:14:44 ----D---- C:\Users\User\AppData\Roaming\Seznam.cz
2019-03-11 17:09:26 ----D---- C:\windows\Inf
2019-03-07 16:29:33 ----D---- C:\windows\WinSxS
2019-03-07 16:26:10 ----D---- C:\windows\system32\catroot2
2019-03-06 21:44:53 ----D---- C:\windows\SysWOW64
2019-03-06 21:43:41 ----RD---- C:\Program Files (x86)
2019-03-06 21:40:29 ----RAD---- C:\windows\System32
2019-03-06 21:40:29 ----A---- C:\windows\system32\PerfStringBackup.INI
2019-02-20 23:06:32 ----D---- C:\windows\rescache
2019-02-17 23:06:42 ----RSD---- C:\windows\assembly
2019-02-17 22:15:34 ----D---- C:\windows\system32\Tasks
2019-02-17 22:13:57 ----D---- C:\Program Files\Common Files
2019-02-17 22:11:34 ----HD---- C:\ProgramData
2019-02-17 22:07:04 ----D---- C:\ProgramData\McAfee
2019-02-17 22:07:04 ----D---- C:\Program Files (x86)\Common Files
2019-02-17 22:07:02 ----D---- C:\windows\system32\DriverStore
2019-02-17 21:57:09 ----D---- C:\Program Files\Internet Explorer
2019-02-17 21:57:08 ----D---- C:\Program Files (x86)\Internet Explorer
2019-02-17 21:57:06 ----D---- C:\windows\apppatch
2019-02-17 21:55:17 ----HD---- C:\windows\ELAMBKUP
2019-02-16 21:08:40 ----D---- C:\windows\CbsTemp
2019-02-16 20:57:52 ----D---- C:\windows\system32\MRT
2019-02-16 20:53:44 ----AC---- C:\windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\windows\system32\drivers\aswArDisk.sys [2019-02-17 37104]
R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsh.sys [2019-02-17 196072]
R0 aswblog;aswblog; C:\windows\system32\drivers\aswblog.sys [2019-02-17 320696]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniv.sys [2019-02-17 57960]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2019-02-17 87944]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2019-03-11 379952]
R0 MBI;@oem10.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\windows\System32\drivers\MBI.sys [2013-10-10 29464]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2019-02-17 205400]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdriver.sys [2019-02-17 225680]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2019-02-17 249672]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2019-02-17 42288]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2019-02-17 112312]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2019-02-17 1034432]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2019-02-17 474456]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\windows\system32\DRIVERS\vwififlt.sys [2016-08-13 71680]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2019-02-17 167304]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2019-02-17 216784]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-09-18 35576]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 btmaux;@oem15.inf,%BTMAUX.ServiceDesc%;Intel Bluetooth Auxiliary Service; C:\windows\system32\DRIVERS\btmaux.sys [2013-11-07 140600]
R3 btmhsf;btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [2013-11-07 1411384]
R3 CnxtHdAudService;@oem11.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-27 1474240]
R3 ibtusb;@oem16.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter; C:\windows\system32\DRIVERS\ibtusb.sys [2014-01-22 149448]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-07 3729920]
R3 IntcDAud;@oem4.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem7.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 NETwNb64;@oem17.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-06-01 3443680]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSUSBVSTOR;@oem35.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-08-15 830680]
R3 rtsuvc;@oem25.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-24 34544]
R3 SynTP;@oem13.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-24 532720]
R3 TXEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\windows\System32\drivers\TXEIx64.sys [2014-01-15 88592]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\windows\system32\DRIVERS\vwifimp.sys [2016-08-13 38912]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem6.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-02-17 357304]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor; C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-07 1186168]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-07 1161592]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 iBtSiva;Intel Bluetooth Service; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-01-22 130008]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-12 282096]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-09-18 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-09-18 288240]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-09-18 67856]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-02-17 6758976]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-12 279024]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\elevation_service.exe [2019-03-01 1271280]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-02-13 136120]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2014-05-06 1663880]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-09-18 305136]

-----------------EOF-----------------

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: ads in Chrome

#2 Post by Conder »

Hi :)

Did you install Seznam Software / Seznam Listicka intentionally? If not, or if you don't need/use it, I recommend uninstalling it.

Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View Log File)
  • The log will open; copy its contents here

Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

funkymusic
Exemplary visitor
Posts: 402
Joined: 07 Dec 2004 15:16

Re: ads in Chrome

#3 Post by funkymusic »

Sending the log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-03-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-12-2019
# Duration: 00:00:19
# OS: Windows 8.1 Connected
# Cleaned: 64
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\Program Files (x86)\VIDEOVIEWER
Not Deleted C:\Users\User\AppData\Local\SweetLabs App Platform
Deleted C:\Users\User\AppData\Roaming\Seznam.cz

***** [ Files ] *****

Deleted C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk
Deleted C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Windows\SysWOW64\VisualDiscovery.ini
Deleted C:\Windows\System32\VisualDiscoveryOff.ini
Deleted C:\Windows\SysWOW64\VisualDiscoveryOff.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP
Deleted HKLM\Software\Wow6432Node\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\SOFTWARE\CLASSES\APPID\VISUALDISCOVERY.EXE
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\Software\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CB8B6161-8B99-4A0B-9998-4B45A87F23AC}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Wow6432Node\VisualDiscovery
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Deleted HKLM\Software\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7562 octets] - [12/03/2019 22:27:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: ads in Chrome

#4 Post by Conder »

Please post both FRST logs (FRST.txt and Addition.txt) following this guide: https://forum.viry.cz/viewtopic.php?f=13&t=154679

funkymusic
Exemplary visitor
Posts: 402
Joined: 07 Dec 2004 15:16

Re: ads in Chrome

#5 Post by funkymusic »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by User (administrator) on LENOVO-PC (17-03-2019 22:14:50)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818552 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-09-18] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-09-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-09-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-12-18] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [568904 2016-10-27] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\RunOnce: [Application Restart #3] => C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki -> Pokki)
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\RunOnce: [Adobe Speed Launcher] => 1552855538
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.75\Installer\chrmstp.exe [2019-03-13] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Reader 11.0\Esl\AiodLite.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-09-18] (Lenovo (Beijing) Limited -> )

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.240.163.170 62.204.224.2
Tcpip\..\Interfaces\{283ECBC6-0F17-4201-B13A-7C8846C2263E}: [DhcpNameServer] 62.240.163.170 62.204.224.2
Tcpip\..\Interfaces\{EA9D0B60-1E9A-4B79-AD20-A70C371F42C8}: [DhcpNameServer] 62.240.163.170 62.204.224.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-772541380-4209158854-1943554451-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-772541380-4209158854-1943554451-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-772541380-4209158854-1943554451-1001 -> {158D0E6B-EAA7-43C8-BEE0-02BCEF88DD1C} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) [File not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-03-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.motorkari.cz/relocate.php?re=2063
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-03-17]
CHR Extension: (Prezentace) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2019-02-15]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Tabulky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-18]
CHR Extension: (Avast Online Security) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation - pGFX -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1663880 2014-05-06] (LENOVO -> )
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] (Intel Corporation-Mobile Wireless Group -> )
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-09-18] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-09-18] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-09-18] (Lenovo (Beijing) Limited -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37104 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205400 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [225680 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [196072 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [320696 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [57960 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [249672 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42288 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [167304 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [112312 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [87944 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1034432 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [474456 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [216784 2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [3729920 2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel(R) Software -> Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-17 22:14 - 2019-03-17 22:16 - 000021884 _____ C:\Users\User\Desktop\FRST.txt
2019-03-17 22:14 - 2019-03-17 22:14 - 000000000 ____D C:\FRST
2019-03-17 22:06 - 2019-03-17 22:06 - 002434048 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe
2019-03-17 22:04 - 2019-03-17 22:06 - 002434048 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-03-17 21:43 - 2019-03-17 21:43 - 000001066 _____ C:\Users\User\Desktop\VideoViewer.lnk
2019-03-17 21:42 - 2019-03-17 21:55 - 000000000 ____D C:\Program Files (x86)\VideoViewer
2019-03-16 20:02 - 2019-03-02 16:01 - 000835480 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2019-03-16 20:02 - 2019-03-02 16:01 - 000179608 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 08:20 - 2019-03-06 08:23 - 001737712 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2019-03-13 08:20 - 2019-03-06 08:23 - 001501056 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2019-03-13 08:20 - 2019-03-06 08:23 - 001371464 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2019-03-13 08:20 - 2019-03-06 08:22 - 001677232 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2019-03-13 08:20 - 2019-03-06 08:22 - 001537768 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2019-03-13 08:20 - 2019-03-06 08:18 - 007368440 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2019-03-13 08:20 - 2019-03-06 07:27 - 004167680 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2019-03-13 08:20 - 2019-03-06 07:03 - 003324416 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2019-03-13 08:20 - 2019-03-06 06:37 - 003617280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2019-03-13 08:20 - 2019-03-06 05:39 - 002464256 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2019-03-13 08:20 - 2019-02-26 08:57 - 025737216 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2019-03-13 08:20 - 2019-02-26 08:33 - 002902528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2019-03-13 08:20 - 2019-02-26 08:31 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2019-03-13 08:20 - 2019-02-26 08:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2019-03-13 08:20 - 2019-02-26 08:25 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2019-03-13 08:20 - 2019-02-26 08:22 - 005777920 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2019-03-13 08:20 - 2019-02-26 08:20 - 000790528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2019-03-13 08:20 - 2019-02-26 08:07 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2019-03-13 08:20 - 2019-02-26 08:04 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2019-03-13 08:20 - 2019-02-26 07:57 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2019-03-13 08:20 - 2019-02-26 07:51 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2019-03-13 08:20 - 2019-02-26 07:43 - 015284224 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2019-03-13 08:20 - 2019-02-26 07:43 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2019-03-13 08:20 - 2019-02-26 07:41 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2019-03-13 08:20 - 2019-02-26 07:36 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2019-03-13 08:20 - 2019-02-26 07:35 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2019-03-13 08:20 - 2019-02-26 07:31 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2019-03-13 08:20 - 2019-02-26 07:31 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2019-03-13 08:20 - 2019-02-26 07:29 - 013681664 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2019-03-13 08:20 - 2019-02-26 07:29 - 004858880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2019-03-13 08:20 - 2019-02-26 07:18 - 001557504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2019-03-13 08:20 - 2019-02-26 07:12 - 004386304 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2019-03-13 08:20 - 2019-02-26 07:09 - 001332224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2019-03-13 08:20 - 2019-02-26 07:07 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2019-03-13 08:20 - 2019-02-26 07:06 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2019-03-13 08:20 - 2019-02-20 21:17 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2019-03-13 08:20 - 2019-02-15 20:58 - 000536584 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2019-03-13 08:20 - 2019-02-15 20:58 - 000466272 _____ (Microsoft Corporation) C:\windows\system32\WerFault.exe
2019-03-13 08:20 - 2019-02-15 20:58 - 000413176 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
2019-03-13 08:20 - 2019-02-15 20:54 - 000038184 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
2019-03-13 08:20 - 2019-02-15 20:51 - 000449744 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2019-03-13 08:20 - 2019-02-15 20:51 - 000413576 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFault.exe
2019-03-13 08:20 - 2019-02-15 20:51 - 000033504 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
2019-03-13 08:20 - 2019-02-15 20:50 - 000372328 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
2019-03-13 08:20 - 2019-02-09 20:36 - 000444392 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2019-03-13 08:20 - 2019-02-09 20:36 - 000218056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fastfat.sys
2019-03-13 08:20 - 2019-02-09 19:53 - 000923384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2019-03-13 08:20 - 2019-02-09 19:51 - 002014696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2019-03-13 08:20 - 2019-02-09 19:26 - 000333560 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2019-03-13 08:20 - 2019-02-09 18:46 - 000285184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2019-03-13 08:20 - 2019-02-09 18:03 - 000477696 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
2019-03-13 08:20 - 2019-02-09 17:45 - 000367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
2019-03-13 08:20 - 2019-02-09 17:18 - 000514048 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2019-03-13 08:20 - 2019-02-09 17:16 - 000399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2019-03-13 08:20 - 2019-02-09 17:15 - 001095680 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2019-03-13 08:20 - 2019-02-09 01:38 - 002534936 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2019-03-13 08:20 - 2019-02-09 01:33 - 001901888 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2019-03-13 08:20 - 2019-02-09 00:40 - 001137776 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2019-03-13 08:20 - 2019-02-09 00:40 - 000805168 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2019-03-13 08:20 - 2019-02-09 00:07 - 000614040 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2019-03-13 08:20 - 2019-02-08 23:18 - 000862720 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2019-03-13 08:20 - 2019-02-08 22:39 - 001197056 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2019-03-13 08:20 - 2019-02-08 22:29 - 000863232 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2019-03-13 08:20 - 2019-02-08 19:54 - 001755136 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2019-03-13 08:20 - 2019-02-08 19:51 - 002348032 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2019-03-13 08:20 - 2019-02-08 18:50 - 001493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2019-03-13 08:20 - 2019-02-08 18:45 - 001556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2019-03-13 08:20 - 2019-02-07 20:38 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bridge.sys
2019-03-13 08:20 - 2019-02-07 01:40 - 001311240 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2019-03-13 08:20 - 2019-02-07 01:40 - 001308240 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2019-03-13 08:20 - 2019-02-06 20:32 - 000059392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys
2019-03-13 08:20 - 2019-02-06 20:32 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msfs.sys
2019-03-13 08:20 - 2019-02-06 20:31 - 000684032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2019-03-13 08:20 - 2019-02-06 19:27 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2019-03-13 08:20 - 2019-02-06 18:52 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2019-03-13 08:20 - 2019-02-01 05:27 - 002447600 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2019-03-13 08:20 - 2019-01-09 05:20 - 000048128 _____ (Microsoft Corporation) C:\windows\system32\hcproviders.dll
2019-03-13 08:20 - 2019-01-09 05:06 - 000894976 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
2019-03-13 08:20 - 2019-01-09 04:52 - 000038912 _____ (Microsoft Corporation) C:\windows\SysWOW64\hcproviders.dll
2019-03-13 08:20 - 2019-01-09 04:45 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenterCPL.dll
2019-03-13 08:20 - 2019-01-08 07:02 - 001764504 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2019-03-13 08:20 - 2019-01-08 06:12 - 001489704 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2019-03-13 08:20 - 2019-01-05 08:35 - 000152128 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2019-03-13 08:20 - 2019-01-04 15:15 - 001635328 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000799744 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000727040 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000623104 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000495616 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000451584 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000313856 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2019-03-13 08:20 - 2019-01-04 15:15 - 000253952 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2019-03-13 08:19 - 2019-03-06 07:26 - 000032896 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2019-03-13 08:19 - 2019-03-06 05:50 - 002780160 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2019-03-13 08:19 - 2019-02-26 08:31 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2019-03-13 08:19 - 2019-02-26 07:58 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2019-03-13 08:19 - 2019-02-26 07:56 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2019-03-13 08:19 - 2019-02-26 07:56 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2019-03-13 08:19 - 2019-02-26 07:46 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2019-03-13 08:19 - 2019-02-26 07:44 - 000381440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2019-03-13 08:19 - 2019-02-26 07:41 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2019-03-13 08:19 - 2019-02-26 07:39 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2019-03-13 08:19 - 2019-02-26 07:39 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2019-03-13 08:19 - 2019-02-26 07:33 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2019-03-13 08:19 - 2019-02-26 07:31 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2019-03-13 08:19 - 2019-02-26 07:25 - 002882048 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
2019-03-13 08:19 - 2019-02-26 07:20 - 001049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
2019-03-13 08:19 - 2019-02-09 18:49 - 000316416 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
2019-03-13 08:19 - 2019-02-09 18:49 - 000200704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\exfat.sys
2019-03-13 08:19 - 2019-02-09 18:49 - 000088576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdfs.sys
2019-03-13 08:19 - 2019-02-09 18:18 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2019-03-13 08:19 - 2019-02-09 17:56 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2019-03-13 08:19 - 2019-02-08 20:55 - 000058880 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2019-03-13 08:19 - 2019-02-08 19:32 - 000044544 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2019-03-13 08:19 - 2019-02-06 20:30 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2019-03-13 08:19 - 2019-02-06 20:30 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2019-03-13 08:19 - 2019-01-09 05:10 - 000546816 _____ (Microsoft Corporation) C:\windows\system32\ActionCenterCPL.dll
2019-03-13 08:19 - 2019-01-09 04:40 - 000839680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
2019-03-12 22:34 - 2019-03-12 22:34 - 007316688 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_7.2.7.0 (2).exe
2019-03-12 22:24 - 2019-03-12 22:27 - 000000000 ____D C:\AdwCleaner
2019-03-12 22:24 - 2019-03-12 22:21 - 007316688 _____ (Malwarebytes) C:\Users\User\Desktop\adwcleaner_7.2.7.0.exe
2019-03-12 22:22 - 2019-03-12 22:22 - 007316688 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_7.2.7.0 (1).exe
2019-03-12 22:21 - 2019-03-12 22:21 - 007316688 _____ (Malwarebytes) C:\Users\User\Downloads\adwcleaner_7.2.7.0.exe
2019-03-11 22:23 - 2019-03-17 04:10 - 000000000 ____D C:\Program Files\trend micro
2019-03-11 22:23 - 2019-03-11 22:24 - 000000000 ____D C:\rsit
2019-03-11 22:23 - 2019-02-28 19:47 - 001222144 _____ C:\Users\User\Desktop\RSITx64.exe
2019-03-06 21:44 - 2019-03-17 21:43 - 000001090 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\VideoViewer.lnk
2019-03-06 21:44 - 2019-03-06 21:44 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VideoViewer
2019-03-06 21:44 - 2019-03-06 21:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoViewer
2019-03-06 21:44 - 2005-08-30 11:55 - 001268736 ____N (Microsoft Corporation) C:\windows\SysWOW64\XY_quartz.dll
2019-03-06 21:44 - 2004-08-04 00:47 - 000559616 ____N (Microsoft Corporation) C:\windows\SysWOW64\XY_qedit.dll
2019-03-06 21:44 - 2004-05-04 11:53 - 001645320 ____N (Microsoft Corporation) C:\windows\SysWOW64\XY_gdiplus.dll
2019-03-06 21:42 - 2019-03-17 21:42 - 000017408 _____ (Microsoft Corporation) C:\psapi.dll
2019-03-06 21:42 - 2015-06-24 17:43 - 000999424 _____ C:\windows\SysWOW64\AVC_LIVE_DLL.dll
2019-03-06 21:42 - 2015-06-24 15:51 - 000360448 _____ (AVTECH) C:\windows\SysWOW64\AVC_MPEG4.dll
2019-03-06 21:42 - 2015-06-24 13:15 - 000212992 _____ C:\windows\SysWOW64\AVC_JPEG.dll
2019-03-06 21:42 - 2015-06-12 14:26 - 000323584 _____ (AVTECH) C:\windows\SysWOW64\AVC_PB.dll
2019-03-06 21:42 - 2015-05-12 19:13 - 000233472 _____ (TODO: <公司名稱>) C:\windows\SysWOW64\AVC_RTSP.dll
2019-03-06 21:42 - 2015-05-08 16:19 - 000368640 _____ C:\windows\SysWOW64\AVC_H264.dll
2019-03-06 21:42 - 2015-04-21 14:16 - 002147328 _____ (FFmpeg Project) C:\windows\SysWOW64\avcodec-56.26.800.dll
2019-03-06 21:42 - 2015-04-21 14:16 - 000465408 _____ (FFmpeg Project) C:\windows\SysWOW64\avutil-54.20.800.dll
2019-03-06 21:42 - 2015-04-21 14:16 - 000442368 _____ (FFmpeg Project) C:\windows\SysWOW64\swscale-3.1.801.dll
2019-03-06 21:42 - 2015-04-21 14:16 - 000364544 _____ (FFmpeg Project) C:\windows\SysWOW64\avformat-56.25.801.dll
2019-03-06 21:42 - 2014-02-19 18:04 - 000057344 _____ C:\windows\SysWOW64\libAvcAvi.dll
2019-03-06 21:42 - 2013-11-13 16:06 - 002121216 _____ C:\windows\SysWOW64\avcodec-55.40.101.dll
2019-03-06 21:42 - 2013-11-13 16:06 - 000399360 _____ C:\windows\SysWOW64\avutil-52.49.100.dll
2019-03-06 21:42 - 2013-11-13 16:06 - 000368128 _____ C:\windows\SysWOW64\swscale-2.5.101.dll
2019-03-06 21:42 - 2013-11-13 16:06 - 000310784 _____ C:\windows\SysWOW64\avformat-55.21.100.dll
2019-03-06 21:42 - 2009-07-21 14:23 - 000131072 _____ (AV-TECH) C:\windows\SysWOW64\AVC_NATT.dll
2019-03-06 21:42 - 2008-05-15 17:44 - 000323584 _____ C:\windows\SysWOW64\Deinterlace.dll
2019-03-06 21:42 - 2005-10-12 20:38 - 000704512 _____ (Intel Corporation) C:\windows\SysWOW64\ijl20.dll
2019-03-06 21:42 - 2003-03-19 11:04 - 000765952 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp71d.dll
2019-03-06 21:42 - 2003-03-19 11:03 - 000544768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr71d.dll
2019-02-28 18:09 - 2019-02-28 18:09 - 000000316 _____ C:\Users\User\Downloads\undefined (1)
2019-02-28 18:09 - 2019-02-28 18:09 - 000000316 _____ C:\Users\User\Downloads\undefined
2019-02-23 20:58 - 2019-02-23 20:59 - 011152628 _____ C:\Users\User\Downloads\Ženy v běhu 2019 trailer (FILMER.CZ).mp4
2019-02-17 22:18 - 2019-02-17 22:18 - 000000000 ____D C:\Users\User\AppData\Roaming\AVAST Software
2019-02-17 22:17 - 2019-02-17 22:17 - 000002102 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-02-17 22:17 - 2019-02-17 22:17 - 000000000 ____D C:\Users\User\AppData\Local\AVAST Software
2019-02-17 22:17 - 2019-02-17 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-02-17 22:15 - 2019-03-17 18:42 - 000004168 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-02-17 22:15 - 2019-03-06 21:55 - 000000000 ____D C:\windows\System32\Tasks\Avast Software
2019-02-17 22:14 - 2019-03-11 17:17 - 000379952 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-02-17 22:14 - 2019-02-17 22:15 - 000474456 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-02-17 22:14 - 2019-02-17 22:15 - 000249672 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 001034432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000362888 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-02-17 22:14 - 2019-02-17 22:13 - 000216784 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000205400 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000167304 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000112312 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000087944 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000042288 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-02-17 22:14 - 2019-02-17 22:13 - 000037104 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-02-17 22:14 - 2019-02-17 22:12 - 000320696 _____ (AVAST Software) C:\windows\system32\Drivers\aswblog.sys
2019-02-17 22:14 - 2019-02-17 22:12 - 000225680 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-02-17 22:14 - 2019-02-17 22:12 - 000196072 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-02-17 22:14 - 2019-02-17 22:12 - 000057960 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-02-17 22:13 - 2019-02-17 22:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-02-17 22:12 - 2019-02-17 22:12 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-17 22:11 - 2019-02-17 22:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-02-17 22:11 - 2019-02-17 22:11 - 007698240 _____ (AVAST Software) C:\Users\User\Downloads\avast_free_antivirus_setup_online_l3b.exe
2019-02-15 19:42 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2019-02-15 19:41 - 2019-01-12 02:18 - 000352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2019-02-15 19:41 - 2019-01-09 04:34 - 000134656 _____ (Microsoft Corporation) C:\windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 19:41 - 2019-01-09 04:21 - 000102400 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-15 19:41 - 2019-01-08 02:22 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2019-02-15 19:41 - 2018-12-28 03:12 - 000178128 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2019-02-15 19:41 - 2018-12-27 23:47 - 001441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2019-02-15 19:41 - 2018-12-27 23:41 - 000963072 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2019-02-15 19:41 - 2018-12-27 23:24 - 000780800 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2019-02-15 19:41 - 2018-12-27 23:11 - 000785408 _____ (Microsoft Corporation) C:\windows\system32\Windows.Web.dll
2019-02-15 19:41 - 2018-12-27 23:05 - 000566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Web.dll
2019-02-15 19:41 - 2018-12-27 18:57 - 000805376 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
2019-02-15 19:41 - 2018-12-27 17:30 - 000626176 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
2019-02-15 19:41 - 2018-12-08 20:00 - 000080384 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2019-02-15 19:41 - 2018-12-08 12:23 - 000121272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2019-02-15 19:41 - 2018-12-08 07:25 - 002173040 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2019-02-15 19:41 - 2018-12-08 06:32 - 001563376 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2019-02-15 19:41 - 2018-12-08 04:49 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2019-02-15 19:41 - 2018-12-02 11:08 - 000179712 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2019-02-15 19:41 - 2018-12-01 17:44 - 000151040 _____ (Microsoft Corporation) C:\windows\SysWOW64\itss.dll
2019-02-15 19:41 - 2018-11-28 09:34 - 000323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2019-02-15 19:41 - 2018-11-28 09:17 - 000200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2019-02-15 19:41 - 2018-10-12 14:19 - 000998480 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-17 21:59 - 2015-03-04 03:37 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-772541380-4209158854-1943554451-1001
2019-03-17 21:55 - 2014-09-18 08:37 - 000000000 ____D C:\ProgramData\LU
2019-03-17 21:54 - 2015-07-30 19:40 - 000001279 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2019-03-17 21:54 - 2015-03-05 04:29 - 000000000 ____D C:\Users\User\AppData\Roaming\Skype
2019-03-17 21:54 - 2015-03-04 03:46 - 000000000 ____D C:\ProgramData\Skype
2019-03-17 21:44 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-03-17 21:43 - 2014-09-18 08:26 - 000002560 _____ C:\windows\system32\VfService.trf
2019-03-17 21:41 - 2014-09-18 08:10 - 000734510 _____ C:\windows\system32\perfh005.dat
2019-03-17 21:41 - 2014-09-18 08:10 - 000148820 _____ C:\windows\system32\perfc005.dat
2019-03-17 21:41 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2019-03-17 21:41 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2019-03-17 18:50 - 2015-03-05 05:44 - 000003970 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{B7C96515-420D-4A91-9419-526D1FB9EF15}
2019-03-17 04:11 - 2015-03-06 20:55 - 000000000 ____D C:\Users\User\AppData\Local\CyberLink
2019-03-16 20:59 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2019-03-16 20:01 - 2013-08-22 15:44 - 000346656 _____ C:\windows\system32\FNTCACHE.DAT
2019-03-16 19:57 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2019-03-16 19:51 - 2015-03-04 23:26 - 000000000 ___SD C:\windows\system32\CompatTel
2019-03-16 19:51 - 2015-03-04 23:26 - 000000000 ____D C:\windows\system32\appraiser
2019-03-16 19:51 - 2013-08-22 16:36 - 000000000 ___RD C:\windows\ToastData
2019-03-14 19:57 - 2015-03-05 06:02 - 000000000 ____D C:\windows\system32\MRT
2019-03-14 19:52 - 2015-03-05 06:02 - 127411920 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-03-13 16:15 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2019-03-13 11:25 - 2015-09-12 20:02 - 000000000 ____D C:\Users\User\Desktop\směs fotek
2019-03-13 07:18 - 2015-03-04 03:42 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-13 07:18 - 2015-03-04 03:42 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-13 06:59 - 2018-12-12 18:12 - 000513376 _____ C:\windows\SysWOW64\locale.nls
2019-03-13 06:59 - 2018-12-12 18:12 - 000513376 _____ C:\windows\system32\locale.nls
2019-03-12 19:55 - 2013-08-22 16:36 - 000000000 ____D C:\windows\LiveKernelReports
2019-03-12 19:46 - 2015-03-04 03:29 - 000000000 ____D C:\Users\User\AppData\Local\SweetLabs App Platform
2019-03-11 18:29 - 2014-09-18 08:32 - 000000000 ____D C:\ProgramData\Energy Manager
2019-03-06 21:55 - 2015-03-04 03:42 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-06 21:55 - 2015-03-04 03:42 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-06 21:55 - 2014-09-18 08:31 - 000003498 _____ C:\windows\System32\Tasks\OFFICE2013ACT
2019-03-06 21:55 - 2014-09-18 08:25 - 000003056 _____ C:\windows\System32\Tasks\PDVDServ Task
2019-03-06 21:55 - 2014-09-18 07:41 - 000002990 _____ C:\windows\System32\Tasks\Synaptics TouchPad Enhancements
2019-02-17 22:07 - 2014-09-18 08:14 - 000000000 ____D C:\ProgramData\McAfee
2019-02-17 21:55 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2019-02-15 18:29 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM

==================== Files in the root of some directories =======

2016-09-28 17:11 - 2016-09-28 17:11 - 000000000 _____ () C:\Users\User\AppData\Local\{44DD4F38-0E3F-47C5-96AA-6483D6181931}
2016-10-04 17:11 - 2016-10-04 17:11 - 000000000 _____ () C:\Users\User\AppData\Local\{EA3D4F6B-7519-435B-A05B-7100588880D1}

Some files in TEMP:
====================
2019-02-17 21:55 - 2014-11-21 16:18 - 000098824 _____ (McAfee Inc.) C:\Users\User\AppData\Local\Temp\mccspuninstall.exe
2018-12-23 15:04 - 2018-12-23 15:06 - 044622200 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct10DB.tmp.exe
2015-05-27 21:31 - 2015-07-29 17:37 - 493086144 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct1D5C.tmp.exe
2015-03-05 05:44 - 2015-03-05 05:45 - 061862720 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct1FE2.tmp.exe
2016-10-21 19:10 - 2016-12-12 22:15 - 064111920 _____ () C:\Users\User\AppData\Local\Temp\oct4474.tmp.exe
2017-12-06 19:54 - 2017-12-06 19:56 - 041373360 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct4480.tmp.exe
2018-10-04 19:50 - 2018-10-04 19:51 - 043898176 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct4511.tmp.exe
2015-11-06 20:33 - 2015-11-06 20:35 - 064809432 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct4577.tmp.exe
2015-05-09 09:56 - 2015-05-09 10:01 - 107701776 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct5688.tmp.exe
2017-05-22 04:55 - 2017-05-22 04:57 - 064118864 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct5A02.tmp.exe
2017-12-17 22:39 - 2017-12-17 22:41 - 041440856 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct6176.tmp.exe
2015-09-28 19:36 - 2015-10-21 18:30 - 134559220 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct8829.tmp.exe
2016-09-03 17:34 - 2016-10-16 18:03 - 064108904 _____ () C:\Users\User\AppData\Local\Temp\oct8C4F.tmp.exe
2017-10-27 20:50 - 2017-10-27 20:51 - 042197072 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct8DF3.tmp.exe
2015-08-03 15:23 - 2015-08-03 15:27 - 067114248 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct8E97.tmp.exe
2017-09-30 19:04 - 2017-09-30 19:05 - 041564368 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct8FA0.tmp.exe
2015-07-30 19:33 - 2015-07-30 19:42 - 067096576 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\oct90A4.tmp.exe
2015-10-26 20:53 - 2015-11-01 18:36 - 094936145 _____ () C:\Users\User\AppData\Local\Temp\oct9A6E.tmp.exe
2015-04-16 19:37 - 2015-04-16 19:41 - 107667040 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octAD9A.tmp.exe
2017-09-24 06:33 - 2017-09-24 06:34 - 041563000 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octAFC3.tmp.exe
2015-03-19 21:21 - 2015-03-19 21:27 - 109032712 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octB0AC.tmp.exe
2018-01-22 16:51 - 2018-01-22 18:46 - 041424392 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octB38B.tmp.exe
2016-02-09 17:48 - 2016-09-01 16:59 - 066132180 _____ () C:\Users\User\AppData\Local\Temp\octBC0D.tmp.exe
2018-04-13 19:24 - 2018-04-13 19:25 - 041558960 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octBF47.tmp.exe
2017-08-12 20:15 - 2017-08-12 20:17 - 063610592 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octC278.tmp.exe
2018-11-26 21:12 - 2018-11-26 21:13 - 044113736 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octCEF1.tmp.exe
2015-08-29 19:39 - 2015-09-13 19:23 - 201608856 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octD0A6.tmp.exe
2017-10-09 19:52 - 2017-10-09 19:54 - 041565936 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octE9D0.tmp.exe
2015-09-13 19:45 - 2015-09-21 19:19 - 134405904 _____ (SweetLabs,Inc.) C:\Users\User\AppData\Local\Temp\octF173.tmp.exe
2016-12-17 19:12 - 2017-05-14 19:00 - 064111920 _____ () C:\Users\User\AppData\Local\Temp\octF82.tmp.exe
2018-04-13 19:28 - 2018-04-13 19:27 - 000534528 _____ () C:\Users\User\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\dllhost.exe => File is digitally signed
C:\windows\SysWOW64\dllhost.exe => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-11 17:23

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by User (17-03-2019 22:17:18)
Running from C:\Users\User\Desktop
Windows 8.1 Connected (Update) (X64) (2015-03-04 02:29:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-772541380-4209158854-1943554451-500 - Administrator - Disabled)
Guest (S-1-5-21-772541380-4209158854-1943554451-501 - Limited - Disabled)
User (S-1-5-21-772541380-4209158854-1943554451-1001 - Administrator - Enabled) => C:\Users\User

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Chrome (HKLM-x32\...\{D23A947A-7D38-3AF8-B3D5-BE988282D40D}) (Version: 73.0.3683.75 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{2F45A217-E9C7-4984-B0AC-5BE31FF4712B}) (Version: 2.4.003.00 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Saal Designer (HKLM-x32\...\{CDB7C673-311A-AB20-D4A4-8F67E39CDFCD}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Designer (HKLM-x32\...\SaalDesigner) (Version: 4.0 - Saal Digital Fotoservice GmbH)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Video Viewer (HKLM-x32\...\Video Viewer) (Version: 0.2.1.4 - AVTECH Corporation, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
zavvyuka (HKLM-x32\...\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1) (Version: 1.0.01 - Novuco)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1610.2.7 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-772541380-4209158854-1943554451-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-17] (AVAST Software s.r.o. -> AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03EB26A8-1E39-4D91-AACE-F7B06145415A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {142C741B-37B4-451C-8857-8678223CA32A} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> )
Task: {29157326-6DD5-4E83-A178-4F85E951E21A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {3FCD8217-2392-4D08-8067-14ECC06E4E97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {4DEA0427-5215-4CBB-9FB7-D5DC95E303B9} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {57C937BA-99E9-4946-86CD-CC2B42AE95DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {85BB4FD9-338C-4E17-9DA5-5293EFF1D0B3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe (LENOVO -> Lenovo)
Task: {884C9A8F-36CA-4A7B-917D-9A957B090ACF} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE (CyberLink Corp. -> CyberLink Corp.)
Task: {8BFFFA66-CC61-45DC-B41A-233A325DB7B6} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {A1EC6B67-97C9-4339-86DD-E0BF58F2E1D9} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs () [File not signed]
Task: {C52CB123-F096-45F7-AB7B-CE9D83EC549C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe (LENOVO -> )
Task: {D05A2B2E-9370-4810-8000-8E17640C7716} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> )
Task: {E97C7A18-4A8F-46F8-AE03-0FE43309D797} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-07-02 04:08 - 2013-07-02 04:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2010-11-18 21:08 - 2010-11-18 21:08 - 000086016 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-09-18 08:12 - 2014-04-24 01:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2014-09-18 08:25 - 2014-09-18 08:25 - 000815104 _____ () [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-09-18 08:21 - 2014-09-18 08:21 - 000348160 ____N (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll
2014-09-18 08:25 - 2014-09-18 08:25 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2014-09-18 08:25 - 2014-09-18 08:25 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2016-11-12 22:00 - 2015-12-02 12:35 - 004420608 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\Desktop\fotky\P8260181.JPG
DNS Servers: 62.240.163.170 - 62.204.224.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{10E41069-AFD7-48F5-9A4C-15CC7E76D99D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{B3C2869F-2E0C-4C12-8B8C-2F1D89AAC172}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{008E6CD0-43B4-4957-9C64-9102F53BF84F}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{AE992A52-56B2-40A3-B384-ADFFA36C88E2}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{838E4A0C-2829-4777-B243-19D21B72FDD3}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{579AC9B7-9DE3-45DA-ACF7-6B9B737643B7}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9B8EF0FE-EECF-4653-84AB-A3826A177E2D}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe No File
FirewallRules: [{E9DD2A58-78BD-4564-B1BA-C9E1063E7B99}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1DD3A93D-B418-4BD1-8DBB-98537ECD5455}] => (Allow) LPort=55100
FirewallRules: [{1DC972CB-19CB-46A6-91B0-724F0388644F}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{AD6BBEEC-70A3-49EF-9580-0F23A34032ED}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{ABFEC131-F9B4-4A31-A20C-D90183D7BF78}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{9DB58AAA-ADA7-4B1E-8F52-AEBE93DB24C9}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe (AVTECH) [File not signed]
FirewallRules: [UDP Query User{1D94412F-5442-4C75-87A6-09EC352AC268}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe (AVTECH) [File not signed]
FirewallRules: [{5C1D50BB-DC41-45E7-B3A2-CB98DCD3C317}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

24-02-2019 15:52:01 Naplánovaný kontrolní bod
04-03-2019 17:22:59 Naplánovaný kontrolní bod
11-03-2019 18:43:29 Naplánovaný kontrolní bod
14-03-2019 19:50:40 Windows Update
17-03-2019 21:53:37 Removed Skype™ 7.2

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2019 09:38:59 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (03/16/2019 07:57:27 PM) (Source: LenovoWiFiHotspotSvr) (EventID: 1) (User: )
Description: LenovoWiFiHotspotSvrm_IcsMgr == NULL failed with 0

Error: (03/16/2019 07:57:27 PM) (Source: PhoneCompanionVap_ICS) (EventID: 1) (User: )
Description: Event-ID 1

Error: (03/13/2019 02:34:36 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (03/13/2019 06:56:17 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (03/12/2019 07:25:34 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 80070005).

Error: (03/12/2019 04:29:27 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: Problém zabránil odeslání dat programu Zlepšování softwaru a služeb na základě zkušeností uživatelů společnosti Microsoft, (chyba 90080108).

Error: (03/11/2019 05:10:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 17.0.0.0, časové razítko: 0x52d9e32d
Název chybujícího modulu: MurocApi.dll, verze: 17.0.0.0, časové razítko: 0x52d9e279
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002bd48
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0x01d4d824bd3bf2c2
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: 2b72b73a-4418-11e9-82ab-303a64bb0827
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/17/2019 09:50:28 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (03/17/2019 09:44:40 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a28\??\C:\Users\User\ntuser.dat

Error: (03/17/2019 09:43:34 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2019 07:09:14 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2019 07:08:44 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2019 01:54:34 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2019 01:54:04 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/17/2019 12:45:29 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server {1B1F472E-3221-4826-97DB-2C2324D389AE} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2019-02-10 22:43:48.056
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {15D5EE46-7122-4FF1-A160-BC00E864E38A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-10 17:26:35.770
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DDBFA2E6-D96D-49F0-91F9-51B1D5C1D2B9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-07 20:08:47.531
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C3AD493A-5EAE-4E91-BDAB-0E231300E7F8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-01-07 19:42:19.081
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9DC58C08-BEC8-44AF-9504-2F3C55C9DA9B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-12-22 19:17:25.666
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B9B35293-0A9E-41B3-8A6D-59DFA008A422}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-02-14 20:35:09.464
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.1510.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

Date: 2019-02-13 19:28:15.503
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.1418.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

Date: 2019-02-12 16:56:36.936
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.1365.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

Date: 2019-02-11 15:34:42.037
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.1211.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

Date: 2019-02-09 20:30:44.525
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.1143.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80080005
Popis chyby :Provádění serveru selhalo

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 45%
Total physical RAM: 3979.21 MB
Available physical RAM: 2181.15 MB
Total Virtual: 4875.21 MB
Available Virtual: 3087.23 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:349.97 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.95 GB) NTFS

\\?\Volume{77fe31f5-3243-4460-be0a-ba0bc3f89809}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{1f4093e3-ea99-43f8-8847-2d123cffcc3b}\ (PBR_DRV) (Fixed) (Total:13.29 GB) (Free:4.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: AFB154FE)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: ads in Chrome

#6 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:


    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    CMD: type "C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-772541380-4209158854-1943554451-1001"
    Folder: C:\ProgramData\LU
    ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1
    
    HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\RunOnce: [Application Restart #3] => C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki -> Pokki)
    C:\Users\User\AppData\Local\SweetLabs App Platform
    HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\RunOnce: [Adobe Speed Launcher] => 1552855538
    HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
    HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-772541380-4209158854-1943554451-1001 -> {158D0E6B-EAA7-43C8-BEE0-02BCEF88DD1C} URL = 
    CHR HomePage: Default -> hxxp://www.motorkari.cz/relocate.php?re=2063
    CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
    CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
    CHR DefaultSearchKeyword: Default -> seznam.cz
    CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
    2019-03-11 22:23 - 2019-03-17 04:10 - 000000000 ____D C:\Program Files\trend micro
    2019-03-11 22:23 - 2019-03-11 22:24 - 000000000 ____D C:\rsit
    2019-03-11 22:23 - 2019-02-28 19:47 - 001222144 _____ C:\Users\User\Desktop\RSITx64.exe
    2019-02-17 22:07 - 2014-09-18 08:14 - 000000000 ____D C:\ProgramData\McAfee
    2016-09-28 17:11 - 2016-09-28 17:11 - 000000000 _____ () C:\Users\User\AppData\Local\{44DD4F38-0E3F-47C5-96AA-6483D6181931}
    2016-10-04 17:11 - 2016-10-04 17:11 - 000000000 _____ () C:\Users\User\AppData\Local\{EA3D4F6B-7519-435B-A05B-7100588880D1}
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    Task: {A1EC6B67-97C9-4339-86DD-E0BF58F2E1D9} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs () [File not signed]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask for a PC restart; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for novices :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

funkymusic
Exemplary visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: ads in Chrome

#7 Post by funkymusic »

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by User (24-03-2019 21:52:29) Run:1
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-772541380-4209158854-1943554451-1001"
Folder: C:\ProgramData\LU
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1

HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\RunOnce: [Application Restart #3] => C:\Users\User\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki -> Pokki)
C:\Users\User\AppData\Local\SweetLabs App Platform
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\...\RunOnce: [Adobe Speed Launcher] => 1552855538
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-772541380-4209158854-1943554451-1001 -> {158D0E6B-EAA7-43C8-BEE0-02BCEF88DD1C} URL =
CHR HomePage: Default -> hxxp://www.motorkari.cz/relocate.php?re=2063
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
2019-03-11 22:23 - 2019-03-17 04:10 - 000000000 ____D C:\Program Files\trend micro
2019-03-11 22:23 - 2019-03-11 22:24 - 000000000 ____D C:\rsit
2019-03-11 22:23 - 2019-02-28 19:47 - 001222144 _____ C:\Users\User\Desktop\RSITx64.exe
2019-02-17 22:07 - 2014-09-18 08:14 - 000000000 ____D C:\ProgramData\McAfee
2016-09-28 17:11 - 2016-09-28 17:11 - 000000000 _____ () C:\Users\User\AppData\Local\{44DD4F38-0E3F-47C5-96AA-6483D6181931}
2016-10-04 17:11 - 2016-10-04 17:11 - 000000000 _____ () C:\Users\User\AppData\Local\{EA3D4F6B-7519-435B-A05B-7100588880D1}
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {A1EC6B67-97C9-4339-86DD-E0BF58F2E1D9} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs () [File not signed]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 1576
Average :
Sum : 34786693275
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========= type "C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-772541380-4209158854-1943554451-1001" =========

<?xml version="1.0" encoding="UTF-16"?>
<Task version="1.4" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
<RegistrationInfo>
<Source>$(@%SystemRoot%\system32\twinapi.dll,-8000)</Source>
<Author>$(@%SystemRoot%\system32\twinapi.dll,-8001)</Author>
<Description>$(@%SystemRoot%\system32\twinapi.dll,-8002)</Description>
</RegistrationInfo>
<Triggers>
<IdleTrigger>
<Enabled>true</Enabled>
</IdleTrigger>
</Triggers>
<Principals>
<Principal id="AnyUser">
<UserId>S-1-5-21-772541380-4209158854-1943554451-1001</UserId>
<LogonType>InteractiveToken</LogonType>
<RunLevel>LeastPrivilege</RunLevel>
</Principal>
</Principals>
<Settings>
<MultipleInstancesPolicy>IgnoreNew</MultipleInstancesPolicy>
<DisallowStartIfOnBatteries>false</DisallowStartIfOnBatteries>
<StopIfGoingOnBatteries>false</StopIfGoingOnBatteries>
<AllowHardTerminate>false</AllowHardTerminate>
<StartWhenAvailable>false</StartWhenAvailable>
<RunOnlyIfNetworkAvailable>false</RunOnlyIfNetworkAvailable>
<IdleSettings>
<Duration>PT0M</Duration>
<StopOnIdleEnd>false</StopOnIdleEnd>
<RestartOnIdle>false</RestartOnIdle>
</IdleSettings>
<AllowStartOnDemand>true</AllowStartOnDemand>
<Enabled>false</Enabled>
<Hidden>false</Hidden>
<UseUnifiedSchedulingEngine>false</UseUnifiedSchedulingEngine>
<RunOnlyIfIdle>true</RunOnlyIfIdle>
<WakeToRun>false</WakeToRun>
<ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
<Priority>7</Priority>
</Settings>
<Actions Context="AnyUser">
<ComHandler>
<ClassId>{2D3F8A1B-6DCD-4ED5-BDBA-A096594B98EF}</ClassId>
<Data><![CDATA[$(Arg0)]]></Data>
</ComHandler>
</Actions>
</Task>
========= End of CMD: =========


========================= Folder: C:\ProgramData\LU ========================

2014-09-18 08:37 - 2019-03-17 21:54 - 000000256 ____A [71287376FDCE87A7F555BF218DB8A297] () C:\ProgramData\LU\first.xml
2014-09-18 08:37 - 2014-01-19 03:06 - 000000167 ____A [80ADDA9176BC676B068E34DE52D33E8A] () C:\ProgramData\LU\LenovoLU.xml
2014-09-18 08:37 - 2019-03-17 21:55 - 000000049 ____A [8C4FF65A7DBAB6D66F917F3B01D0DB84] () C:\ProgramData\LU\LenovoLULog.xml
2014-09-18 08:37 - 2019-03-17 21:55 - 000824604 ____A [929FB909E9287A64CEDA547884577D55] () C:\ProgramData\LU\llu.log
2014-09-18 08:37 - 2019-03-17 21:54 - 000000166 ____A [4630BBE17CD8CB1BADA2F47322121E4E] () C:\ProgramData\LU\LU.ini
2015-07-30 19:40 - 2019-03-17 21:54 - 000002034 ____A [7DA44672B995AB77FA3CF703F4332E7D] () C:\ProgramData\LU\second.xml

====== End of Folder: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{94A65759-6B3F-4AF8-944A-66F3FABDEFDE}_is1]
"Inno Setup: Setup Version"="5.5.4 (u)"
"Inno Setup: App Path"="C:\Program Files (x86)\ZAV"
"InstallLocation"="C:\Program Files (x86)\ZAV\"
"Inno Setup: Icon Group"="ZAV"
"Inno Setup: User"="User"
"Inno Setup: Selected Tasks"="desktopicon"
"Inno Setup: Deselected Tasks"="quicklaunchicon"
"Inno Setup: Language"="cz"
"DisplayName"="zavvyuka"
"DisplayIcon"="C:\Program Files (x86)\ZAV\zavvyuka.exe"
"UninstallString"=""C:\Program Files (x86)\ZAV\unins000.exe""
"QuietUninstallString"=""C:\Program Files (x86)\ZAV\unins000.exe" /SILENT"
"DisplayVersion"="1.0.01"
"Publisher"="Novuco"
"NoModify"="1"
"NoRepair"="1"
"InstallDate"="20150612"
"MajorVersion"="1"
"MinorVersion"="0"
"EstimatedSize"="11351"

=== End of ExportKey ===
"HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Application Restart #3" => removed successfully
C:\Users\User\AppData\Local\SweetLabs App Platform => moved successfully
"HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Adobe Speed Launcher" => not found
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\S-1-5-21-772541380-4209158854-1943554451-1001\Software\Microsoft\Internet Explorer\Main\\Secondary Start Pages" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKU\S-1-5-21-772541380-4209158854-1943554451-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{158D0E6B-EAA7-43C8-BEE0-02BCEF88DD1C} => removed successfully
HKLM\Software\Classes\CLSID\{158D0E6B-EAA7-43C8-BEE0-02BCEF88DD1C} => not found
"Chrome HomePage" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
C:\Program Files\trend micro => moved successfully
C:\rsit => moved successfully
C:\Users\User\Desktop\RSITx64.exe => moved successfully
C:\ProgramData\McAfee => moved successfully
C:\Users\User\AppData\Local\{44DD4F38-0E3F-47C5-96AA-6483D6181931} => moved successfully
C:\Users\User\AppData\Local\{EA3D4F6B-7519-435B-A05B-7100588880D1} => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A1EC6B67-97C9-4339-86DD-E0BF58F2E1D9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A1EC6B67-97C9-4339-86DD-E0BF58F2E1D9}" => removed successfully
C:\windows\System32\Tasks\OFFICE2013ACT => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OFFICE2013ACT" => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => removed successfully
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18270658 B
Java, Flash, Steam htmlcache => 894 B
Windows/system/drivers => 150929706 B
Edge => 0 B
Chrome => 410081359 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 149680 B
NetworkService => 1179276 B
User => 3344022218 B

RecycleBin => 1551939601 B
EmptyTemp: => 5.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:59:19 ====

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: ads in Chrome

#8 Post by Conder »

:arrow: How does the PC look now? Has anything changed, or are there still any problems (e.g. those ads in Chrome)?

funkymusic
Exemplary visitor
Posts: 402
Registered: 07 Dec 2004 15:16

Re: ads in Chrome

#9 Post by funkymusic »

A window with an ad, mostly an erotic one, still pops up in the bottom right corner in Chrome. :-(

Thanks for the help.

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: ads in Chrome

#10 Post by Conder »

:arrow: You probably mean web notifications. In Chrome, go to Settings -> (at the bottom) Advanced -> Content settings -> Notifications, and in the Allowed section remove all websites you do not recognize. Also check that the "Ask before sending" option is turned on there.

:arrow: Here is Google's guide as well (in Czech): https://support.google.com/chrome/answer/3220216?hl=cs

:arrow: If this does not help, take a screenshot of the message and send a link to it or attach it.
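The notification check described in post #10 can also be done against the profile's `Preferences` file; the following is an added example, not part of the original thread and not Chrome's or FRST's own code. It assumes the JSON layout `profile.content_settings.exceptions.notifications` with `setting` 1 = allow and 2 = block; the function names, host names and sample data are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Assumed values of Chrome's content-setting enum as stored in Preferences.
ALLOW, BLOCK, ASK = 1, 2, 3

# Constructed sample: only the part of a profile's Preferences file that
# matters here. On Windows the real file is typically
# %LOCALAPPDATA%\Google\Chrome\User Data\Default\Preferences
# (read it while Chrome is closed).
SAMPLE_PREFERENCES = json.dumps({
    "profile": {
        "content_settings": {"exceptions": {"notifications": {
            "https://mail.example:443,*": {"setting": ALLOW},
            "https://push.ads-network.test:443,*": {"setting": ALLOW},
            "https://news-alerts.test:443,*": {"setting": ALLOW},
            "https://shop.example:443,*": {"setting": BLOCK},
        }}},
        # No default_content_setting_values.notifications entry here:
        # assumed to mean Chrome's built-in default ("ask") is in effect.
    }
})


def host_of(pattern):
    """Extract the host from an exception key such as 'https://site:443,*'."""
    primary = pattern.split(",", 1)[0]
    try:
        host = urlsplit(primary).hostname
    except ValueError:  # wildcard patterns like https://[*.]site can fail to parse
        host = None
    return (host or primary).lower()


def is_known(host, known_hosts):
    """True if host equals, or is a subdomain of, a site the user recognises."""
    return any(host == k or host.endswith("." + k) for k in known_hosts)


def audit_notifications(prefs_text, known_hosts):
    """Report notification permissions that deserve a manual review."""
    profile = json.loads(prefs_text).get("profile", {})
    default = (profile.get("default_content_setting_values", {})
                      .get("notifications", ASK))
    exceptions = (profile.get("content_settings", {})
                         .get("exceptions", {})
                         .get("notifications", {}))
    unknown_allowed, blocked = [], []
    for pattern, entry in exceptions.items():
        setting = entry.get("setting") if isinstance(entry, dict) else None
        host = host_of(pattern)
        if setting == ALLOW and not is_known(host, known_hosts):
            unknown_allowed.append(host)
        elif setting == BLOCK:
            blocked.append(host)
    return {
        "ask_before_sending": default == ASK,   # the option named in the post
        "default_allows_all": default == ALLOW,
        "unknown_allowed": sorted(unknown_allowed),
        "blocked": sorted(blocked),
    }


if __name__ == "__main__":
    report = audit_notifications(SAMPLE_PREFERENCES, {"mail.example"})
    for host in report["unknown_allowed"]:
        print("review and remove if unrecognised:", host)
    print("ask before sending:", report["ask_before_sending"])
```

Removal itself is best done through the Chrome settings page named in the post, since Chrome may reject or rewrite a hand-edited `Preferences` file.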
