prosim o radu, google se mi zacal sam zavirat. je to vir?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by X220 (administrator) on X220-PC (06-04-2019 19:59:28)
Running from C:\Users\X220\Downloads
Loaded Profiles: X220 (Available Profiles: X220 & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Japan) Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\X220\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHBE.EXE
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Lenovo (Japan) Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [384344 2014-02-17] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (LENOVO -> Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant Systems, Inc. -> Conexant systems, Inc.)
HKLM\...\Run: [IME14 KOR Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110776 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHS Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 KOR Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 JPN Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHT Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Run: [GoogleChromeAutoLaunch_53D957690F7090EE22C9B2AAB3AEA4EE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1716720 2019-03-20] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE [283232 2014-11-19] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{2ee8e95c-2e2c-4559-8291-7ddd3a1fc3cc}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{536cbbe9-e41f-4c3b-a8f9-dea740506360}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{cc8d2721-11ea-448a-96b8-5a402cb64177}: [DhcpNameServer] 192.168.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3465244428-113409522-2167852280-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: en0h23em.default
FF ProfilePath: C:\Users\X220\AppData\Roaming\TomTom\HOME\Profiles\lqh3uc1l.default [2018-02-22]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default [2019-04-04]
FF NewTab: Mozilla\Firefox\Profiles\en0h23em.default -> about:newtab
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default\Extensions\sp@avast.com.xpi [2019-02-06]
FF Extension: (Avast Online Security) - C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default\Extensions\wrc@avast.com.xpi [2019-02-06]
FF HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-10-27] [Legacy] [not signed]
FF HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://search.findwide.com/?guid={85EE7439-38F2-48C5-8D6E-0748D8390267}&serpv=22
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... google.com"
CHR DefaultSearchURL: ChromeDefaultData -> hxxps://mail.google.com/mail/u/0/#inbox
CHR Profile: C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-06] <==== ATTENTION
CHR Extension: (Slides) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-08]
CHR Extension: (Docs) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-08]
CHR Extension: (Google Drive) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Sheets) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-18]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-31] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-31] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] (Huawei Technologies Co., Ltd. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2018-01-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
S3 b06diag; C:\WINDOWS\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation -> Broadcom Corporation)
S3 BFN7x64; C:\WINDOWS\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [480040 2015-06-16] (Intel(R) Intel Network Drivers -> Intel Corporation)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-12] (Microsoft Windows -> Intel Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-06 19:59 - 2019-04-06 20:02 - 000031007 _____ C:\Users\X220\Downloads\FRST.txt
2019-04-06 19:59 - 2019-04-06 19:59 - 000000000 ____D C:\FRST
2019-04-06 19:57 - 2019-04-06 19:57 - 002434048 _____ (Farbar) C:\Users\X220\Downloads\FRST64.exe
2019-03-27 23:12 - 2019-03-27 23:11 - 000162937 ____C C:\Users\X220\Desktop\kontotransactionlist_2018_05-12.xls
2019-03-23 02:12 - 2019-03-23 02:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-03-19 21:48 - 2019-03-19 21:48 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-03-19 21:48 - 2019-03-19 21:48 - 000047800 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-03-19 21:48 - 2019-03-19 21:48 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-03-19 21:48 - 2019-03-19 21:48 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-03-12 15:47 - 2019-04-03 15:23 - 000000000 ___DC C:\Users\X220\Desktop\vyhodit pozdeji
2019-03-09 23:16 - 2019-03-09 23:16 - 000000000 ___DC C:\Users\X220\AppData\LocalLow\uTorrent
2019-03-08 21:43 - 2019-04-02 09:50 - 000000000 ___DC C:\Users\X220\Desktop\vyhodit
2019-03-08 12:20 - 2019-03-11 22:44 - 000000000 ___DC C:\Users\X220\Documents\pending
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-06 19:57 - 2018-10-30 03:38 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-06 19:55 - 2018-06-26 09:07 - 000000000 ___DC C:\Users\X220\AppData\Local\CrashDumps
2019-04-06 19:52 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-06 19:15 - 2018-10-30 03:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-06 17:20 - 2018-10-30 12:08 - 000774036 _____ C:\WINDOWS\system32\perfh01D.dat
2019-04-06 17:20 - 2018-10-30 12:08 - 000169034 _____ C:\WINDOWS\system32\perfc01D.dat
2019-04-06 17:20 - 2018-10-30 03:17 - 001902138 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-06 17:20 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-06 17:14 - 2016-08-31 11:53 - 000000000 ___RD C:\Users\X220\Dropbox
2019-04-06 17:13 - 2018-10-30 03:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-06 17:13 - 2018-10-30 03:21 - 000000000 ____D C:\Users\X220
2019-04-06 17:13 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-06 13:43 - 2017-01-10 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-06 13:43 - 2014-12-10 13:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-05 16:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-05 15:02 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-05 11:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-05 07:42 - 2018-10-30 03:38 - 000003440 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-05 07:42 - 2018-10-30 03:38 - 000003216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-05 07:42 - 2018-10-30 03:38 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3465244428-113409522-2167852280-1000
2019-04-05 07:42 - 2018-10-30 03:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-04 12:42 - 2018-03-05 12:51 - 000000000 ___DC C:\Users\X220\AppData\LocalLow\Mozilla
2019-04-04 11:05 - 2014-12-10 13:57 - 000001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-27 14:57 - 2018-10-30 03:21 - 000002397 ____C C:\Users\X220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-27 14:57 - 2016-06-24 23:03 - 000000000 ___RD C:\Users\X220\OneDrive
2019-03-26 11:49 - 2015-04-26 16:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-26 11:49 - 2015-04-26 16:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-25 12:02 - 2018-03-05 18:49 - 000000000 ___RD C:\Users\X220\3D Objects
2019-03-23 02:12 - 2016-08-31 11:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-03-22 23:56 - 2017-10-18 11:37 - 000000000 ____D C:\Program Files\rempl
2019-03-22 00:46 - 2018-11-11 14:10 - 000000000 ____D C:\ProgramData\Packages
2019-03-21 14:58 - 2015-05-12 11:25 - 000000000 ___DC C:\Users\X220\Documents\jobs
2019-03-20 00:49 - 2018-10-20 23:48 - 000000000 ___DC C:\Users\X220\AppData\Roaming\vlc
2019-03-16 01:00 - 2009-07-14 04:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-03-13 07:55 - 2014-10-27 21:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 07:43 - 2014-10-27 12:03 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-12 14:21 - 2017-01-03 14:00 - 000000000 ___DC C:\Users\X220\Documents\important
2019-03-12 11:52 - 2015-05-27 00:51 - 000000000 ___DC C:\Users\X220\Documents\technical
2019-03-11 23:59 - 2016-07-22 16:51 - 000000000 ___DC C:\Users\X220\Documents\finance
2019-03-11 14:01 - 2014-11-14 00:36 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-10 00:29 - 2014-12-21 02:53 - 000000000 ___DC C:\Users\X220\AppData\Roaming\uTorrent
2019-03-09 23:18 - 2018-03-31 09:11 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-09 23:18 - 2018-03-31 09:11 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-03-09 12:47 - 2016-08-31 11:50 - 000001016 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-09 12:47 - 2016-08-31 11:50 - 000001012 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-03-09 12:41 - 2019-02-19 22:59 - 000000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Google Updater and Installer
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe online update program
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
2019-03-07 15:24 - 2016-07-27 15:35 - 000000000 ___DC C:\Users\X220\Documents\byt_praha
==================== Files in the root of some directories =======
2016-06-17 08:54 - 2016-06-17 08:54 - 000000225 ____C () C:\Users\X220\AppData\Roaming\10-sub-pixel-bgr.conf
2016-06-17 08:54 - 2016-06-17 08:54 - 000004341 ____C () C:\Users\X220\AppData\Roaming\administration.config
2016-06-17 08:54 - 2016-06-17 08:54 - 000003472 ____C () C:\Users\X220\AppData\Roaming\Adobe-GB1-0
2016-06-17 08:54 - 2016-06-17 08:54 - 000003524 ____C () C:\Users\X220\AppData\Roaming\Adobe-Japan1-1
2016-06-17 08:54 - 2016-06-17 08:54 - 000002400 ____C () C:\Users\X220\AppData\Roaming\AlienFX.Communication.Andromeda.tlb
2016-06-17 08:54 - 2016-06-17 08:54 - 000003244 ____C () C:\Users\X220\AppData\Roaming\api-doc.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000000599 ____C () C:\Users\X220\AppData\Roaming\blue.svg
2016-06-17 08:53 - 2016-06-17 08:53 - 000001234 ____C () C:\Users\X220\AppData\Roaming\body.end.indent.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000004399 ____C () C:\Users\X220\AppData\Roaming\b_ar.jpg
2016-06-17 08:53 - 2016-06-17 08:53 - 000002011 ____C () C:\Users\X220\AppData\Roaming\calendar.rdf
2016-06-17 08:53 - 2016-06-17 08:53 - 000001290 ____C () C:\Users\X220\AppData\Roaming\callout.unicode.start.character.xml
2013-04-16 09:00 - 2013-04-16 09:00 - 000049763 ____C () C:\Users\X220\AppData\Roaming\Catboat.m
2016-06-17 08:53 - 2016-06-17 08:53 - 000001464 ____C () C:\Users\X220\AppData\Roaming\cp_keyboard.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000000946 ____C () C:\Users\X220\AppData\Roaming\crop.mark.bleed.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000003973 ____C () C:\Users\X220\AppData\Roaming\editSettings.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000001704 ____C () C:\Users\X220\AppData\Roaming\f1.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000003652 ____C () C:\Users\X220\AppData\Roaming\generate.toc.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000001309 ____C () C:\Users\X220\AppData\Roaming\glossterm.auto.link.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000000935 ____C () C:\Users\X220\AppData\Roaming\glossterm.width.xml
1986-05-12 09:00 - 1986-05-12 09:00 - 000001750 ____C () C:\Users\X220\AppData\Roaming\MasseurChromophore.uPS
2018-03-04 00:09 - 2018-03-04 00:09 - 000029696 ____C () C:\Users\X220\AppData\Local\MSGBOX.EXE
2018-12-06 11:52 - 2018-12-06 11:52 - 000000017 ____C () C:\Users\X220\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2019-04-06 13:51 - 2019-04-06 13:51 - 000000000 ____C () C:\Users\X220\AppData\Local\Temp\{1512CBF1-54D5-43C2-815E-1F6BCBDAEF69}-DropboxClient_70.4.93.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-30 03:15
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
google se sam zavira
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by X220 (06-04-2019 20:04:38)
Running from C:\Users\X220\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-10-30 01:39:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3465244428-113409522-2167852280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465244428-113409522-2167852280-503 - Limited - Disabled)
Guest (S-1-5-21-3465244428-113409522-2167852280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3465244428-113409522-2167852280-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3465244428-113409522-2167852280-504 - Limited - Disabled)
X220 (S-1-5-21-3465244428-113409522-2167852280-1000 - Administrator - Enabled) => C:\Users\X220
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.6.1.4 - Finansiell ID-Teknik BID AB)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Dropbox (HKLM-x32\...\Dropbox) (Version: 69.4.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.1.0 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.34.5295 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Handelsbanken card reader (HKLM-x32\...\{1E08E4C7-69F9-4723-B05B-4FABEDF29AC2}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Swedish/svenska (HKLM\...\Office15.OMUI.sv-se) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM-x32\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - čeština (HKLM\...\{90150000-00BD-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.24 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 65.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-GB)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{66C3FB2D-57A3-4EE6-A3BB-DC50D45E933F}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-004B-0000-0000-0000000FF1CE}_Office14.PROOFKIT_{C380F832-0AA6-42C4-BB48-E92C91EE814E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav-guiden (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Aktivt skyddssystem (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) Hidden
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\X220\Dropbox [2016-08-31 11:53]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\WINDOWS\System32\DreamScene.dll [2009-05-12] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {09B44554-2B08-4743-A164-63C76BD662CB} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe (Lenovo -> )
Task: {09C41847-FEF9-48EE-B50D-FD012EDDA751} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A92CA84-DFEF-4D97-AA33-CF6C0A599322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dffd44b8-6827-4a9f-bc56-11d7ea94eeca => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1542B8EC-B1FF-4946-8963-FABA214DE999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {23327A46-A5E2-48AD-8435-2F2DB0035E3D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {25AB34F5-0779-413D-8694-9B142BF89FFC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {275D9D0B-B0D8-4BE5-8DB4-7E50BA78B7DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27AD8380-9380-42F1-8AB3-ED34BBAE5FCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {35B50C57-1734-47C8-9D06-443F3EABABC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {398501A0-7132-4F67-AEA9-C2EEE076D39A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39F3647E-7F00-4DCD-8D1D-A1016F51EBD5} - System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
Task: {3D92860C-B21B-45CE-A180-6883CB015FA3} - System32\Tasks\Adobe Flash Player Updater
Task: {3F66AF80-28F0-4AA9-AB6C-A4490A6D59B1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40D155C4-EA3F-4638-AE5C-2DFB5C0C39E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {47042ECB-29EC-4B7F-823C-60CE7AA1603A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {4774B3DE-32D1-4848-BE55-A6447D2C915C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4B685ACA-F90C-4709-A112-C4793186F955} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {4D71C1E9-BC7A-47B2-80DD-619028DE2998} - System32\Tasks\avastBCLRestartS-1-5-21-3465244428-113409522-2167852280-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {5103CB21-7F5E-43B7-B9F6-4CB4F3D6169C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AE04450-E6D4-435A-B178-271A9700A0B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F4AD908-C831-4242-B7D1-1D7E35E0FBBE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68306DDC-C6B9-421C-9C4C-1D782696B0C1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {6BECC42E-6CF8-41F5-BB09-73BDC5F7837A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D423B76-A74F-472C-A19C-2F7FD99E27A2} - System32\Tasks\Adobe online update program
Task: {73869B9D-DB0D-405B-801E-5583653B3E41} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76B62C4E-BD38-4B52-BFF6-AD9464BC52CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C9566E5-D2A1-41FB-89C1-7B010282EC06} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
Task: {8554C34D-45BC-482F-A417-BB2E54B7081D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {885D5FFC-EA41-4C48-A54D-78D590785301} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8288c457-7abf-47b1-915a-1cba5436d540 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {93A49E7F-1186-4BEC-8BE3-0D40F917831C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )
Task: {964B5EC8-1198-48D4-BA99-3E409C8AA920} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {984E0702-5366-46D6-8715-5FE4FB0BA17A} - System32\Tasks\SafeZone scheduled Autoupdate 1468805500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {98531241-73FF-4521-84B6-9225A5AD2E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {993EAA69-4517-452F-ADCD-F7182A1440E8} - System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
Task: {9C9BAB50-BF68-42B5-8F56-CCED34C4A633} - System32\Tasks\CreateChoiceProcessTask
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A03DCFE6-2A5B-4A00-9AAB-C2BA3F8A4235} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A8617A26-E171-4380-A5E8-9C265708D3B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB9A9508-94B9-4327-AD41-4F0BA8FBA4AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {B2628FAA-7471-4EEB-BEC7-F74F3C1F408B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B37F1A14-7D03-49D6-8F8C-D3DDFFE8F33E} - System32\Tasks\Java Update Scheduler
Task: {B50CBAE7-0187-4186-B6F6-0972B524E4F1} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo)
Task: {B5D4CB44-5395-4D3C-9A93-26E50D8BF419} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A60FC-1303-4FBF-9E9C-88CD803DB1FF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {C049F848-2EDA-41A1-A6AC-4FC63F86A0CA} - System32\Tasks\Google Updater and Installer
Task: {C54F2A1F-8481-489B-94F6-2762D400357F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE57ACE4-8C61-4C49-ACBC-DCF738B54066} - System32\Tasks\DropboxUpdateTaskMachineUA
Task: {D47836D1-E7FB-4341-AC01-B4523A7F0A60} - System32\Tasks\Synaptics TouchPad Enhancements
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D5B25AC7-193A-4744-AE36-1EFCD99BE697} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D636DF09-E3BF-4D0F-A7A0-F0748258A1D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D75EFDC1-5DE6-40C8-854E-F161CFA2C082} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D8387019-E798-45B6-B193-73466E390B03} - System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
Task: {DFA9FB0B-ADD8-450E-AA29-33CAD963D63D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFBD0585-C345-4B59-940F-CE65B86429BC} - System32\Tasks\DropboxUpdateTaskMachineCore
Task: {E288668C-8B30-4445-8FB8-9F5989A5D805} - System32\Tasks\Adobe Acrobat Update Task
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E659433D-3BCF-4675-BC19-4D659F4A2EAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EBA71650-D4B2-423B-BC50-6CA4734D8531} - System32\Tasks\Adobe Flash Player NPAPI Notifier
Task: {EFE87CE6-2B46-4246-874B-939F964EE1BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F0A0687B-C293-42AE-BD39-A90F0E45E5ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2570532-4BC6-4171-AC43-F8A46B8E00BE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {F28A1DB8-64D6-4E16-877A-B160A632FD35} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2D75B9D-3387-4901-AF42-7A32F369FEB3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F894D307-A1CE-4995-A998-077F24CFBBDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAF5DFA4-5D8A-4574-8BEA-4DB55A501A45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\X220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 00:05 - 2009-05-12 21:52 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DreamScene.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 002112000 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IUICHBE.DLL
2014-10-27 20:35 - 2014-05-16 15:56 - 005636096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mfc110u.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 000109056 _____ (SEIKO EPSON Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IAUDHBE.DLL
2014-10-27 20:33 - 2011-06-29 19:09 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-10-27 20:33 - 2011-06-29 19:09 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2019-03-15 15:49 - 2018-08-12 21:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-08 16:51 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-19 22:59 - 2019-03-09 12:41 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\X220\Pictures\Tara\Baletthöst2018-15.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B6B6E2AA-488E-468F-922D-EBA4D6226E0E}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5C33284-035A-46B4-A291-7B9E6B2480EA}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9A945C5-4831-4E08-AEF7-1B4D00F43A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A0B095-7798-4817-8647-A7BE3A7FCFC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5BC8DF0-25AE-4466-8DB1-925C22AF7B6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0DF0AA3B-FB29-4079-A87B-1985359FF09B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{22E663EA-F2A4-4D5F-9D79-F220BD3686B0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{B88B21F5-57B7-4CEB-BCFD-871975E626B7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [TCP Query User{A83717C1-F1CE-4636-A9C9-86E76B779798}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D56AFC1E-02D1-41CD-B206-CEC41E61A9FF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4431308-E1F8-474F-B1AA-590C89B568B7}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{1F35F1D6-391A-4AEA-A267-F22418D9C996}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{4A544143-A6F4-4D72-A09A-B3BFDA164936}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{85E415D0-F58C-4A2C-B227-9A8A4222F55F}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{BDDE0943-678E-4100-9B12-98927C203278}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{1CF4CA1F-A6BA-4E7B-A2D5-FF35C0058F93}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{42CDF962-ECA2-4401-B041-5356C8979B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{32564A6B-8409-43AF-8DD0-EB89A13D920D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E3F9E0-3FD0-4407-BF02-11859EE38D23}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAF79EE6-96A7-45FF-AF40-D103E377629E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{46BFC8CD-DB6B-4011-B9B8-A240DA372929}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{8B7C9F88-3025-40B1-A7EE-F3924B44600A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0A46E9A5-6105-48C4-B234-C9FC5A9ACC8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{186FAC33-E43D-4F99-93B3-4B548A59CDCD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{67379F48-4031-4C45-ADDA-D7EF3429DFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/06/2019 07:55:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1a38
Faulting application start time: 0x01d4eca1dde64fed
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: d1ab4d5d-e9bf-41bd-b84e-e1f1d5002471
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x151c
Faulting application start time: 0x01d4eca1a2617efc
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 2f970408-c221-41b8-9f79-3116b8c10d6c
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x79c
Faulting application start time: 0x01d4eca166b860c7
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: d4384054-bd94-4beb-9066-93866771f733
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:50:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x22b8
Faulting application start time: 0x01d4eca0ef7aad46
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 636998e4-5c1a-4eb8-9e3b-ebc57b80e578
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:46:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0xff0
Faulting application start time: 0x01d4eca0b3e0540e
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: c567a790-fffb-466b-851f-3364e44d7094
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0x29f0
Faulting application start time: 0x01d4eca07841250f
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 968b4666-7336-47fc-b480-85176be768a8
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:44:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1364
Faulting application start time: 0x01d4eca0547bc6c5
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: ca13a225-1022-4c69-9753-f89d92c79f45
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0xa94
Faulting application start time: 0x01d4eca024cd4978
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 47675155-bca1-4868-a691-1f3f43a6ff79
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
System errors:
=============
Error: (04/06/2019 07:48:10 PM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 07:37:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 07:36:06 PM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 07:15:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:14:27 PM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:13:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:13:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:13:52 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
CodeIntegrity:
===================================
Date: 2019-04-06 17:14:13.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:12.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:41.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:32.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:28.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 13:44:38.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 13:44:34.709
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-03 09:22:54.045
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 39%
Total physical RAM: 8075.23 MB
Available physical RAM: 4917.79 MB
Total Virtual: 16267.23 MB
Available Virtual: 13200.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.3 GB) (Free:0.06 GB) NTFS
Drive d: (KIN_RED_128) (Removable) (Total:115.31 GB) (Free:102.55 GB) FAT32
\\?\Volume{f09e4b43-5dbf-11e4-a1da-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bc282ee2-0000-0000-0000-d0991d000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: BC282EE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=858 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 115.6 GB) (Disk ID: 677E6E90)
Partition 1: (Active) - (Size=115.3 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by X220 (06-04-2019 20:04:38)
Running from C:\Users\X220\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-10-30 01:39:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3465244428-113409522-2167852280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465244428-113409522-2167852280-503 - Limited - Disabled)
Guest (S-1-5-21-3465244428-113409522-2167852280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3465244428-113409522-2167852280-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3465244428-113409522-2167852280-504 - Limited - Disabled)
X220 (S-1-5-21-3465244428-113409522-2167852280-1000 - Administrator - Enabled) => C:\Users\X220
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.6.1.4 - Finansiell ID-Teknik BID AB)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Dropbox (HKLM-x32\...\Dropbox) (Version: 69.4.102 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.1.0 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.34.5295 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Handelsbanken card reader (HKLM-x32\...\{1E08E4C7-69F9-4723-B05B-4FABEDF29AC2}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Swedish/svenska (HKLM\...\Office15.OMUI.sv-se) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM-x32\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - čeština (HKLM\...\{90150000-00BD-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.24 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 65.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-GB)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{66C3FB2D-57A3-4EE6-A3BB-DC50D45E933F}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-004B-0000-0000-0000000FF1CE}_Office14.PROOFKIT_{C380F832-0AA6-42C4-BB48-E92C91EE814E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav-guiden (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Aktivt skyddssystem (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) Hidden
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\X220\Dropbox [2016-08-31 11:53]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\WINDOWS\System32\DreamScene.dll [2009-05-12] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-03-19] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {09B44554-2B08-4743-A164-63C76BD662CB} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe (Lenovo -> )
Task: {09C41847-FEF9-48EE-B50D-FD012EDDA751} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A92CA84-DFEF-4D97-AA33-CF6C0A599322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dffd44b8-6827-4a9f-bc56-11d7ea94eeca => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1542B8EC-B1FF-4946-8963-FABA214DE999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {23327A46-A5E2-48AD-8435-2F2DB0035E3D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {25AB34F5-0779-413D-8694-9B142BF89FFC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {275D9D0B-B0D8-4BE5-8DB4-7E50BA78B7DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27AD8380-9380-42F1-8AB3-ED34BBAE5FCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {35B50C57-1734-47C8-9D06-443F3EABABC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {398501A0-7132-4F67-AEA9-C2EEE076D39A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39F3647E-7F00-4DCD-8D1D-A1016F51EBD5} - System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
Task: {3D92860C-B21B-45CE-A180-6883CB015FA3} - System32\Tasks\Adobe Flash Player Updater
Task: {3F66AF80-28F0-4AA9-AB6C-A4490A6D59B1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40D155C4-EA3F-4638-AE5C-2DFB5C0C39E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {47042ECB-29EC-4B7F-823C-60CE7AA1603A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {4774B3DE-32D1-4848-BE55-A6447D2C915C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4B685ACA-F90C-4709-A112-C4793186F955} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {4D71C1E9-BC7A-47B2-80DD-619028DE2998} - System32\Tasks\avastBCLRestartS-1-5-21-3465244428-113409522-2167852280-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {5103CB21-7F5E-43B7-B9F6-4CB4F3D6169C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AE04450-E6D4-435A-B178-271A9700A0B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F4AD908-C831-4242-B7D1-1D7E35E0FBBE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68306DDC-C6B9-421C-9C4C-1D782696B0C1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {6BECC42E-6CF8-41F5-BB09-73BDC5F7837A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D423B76-A74F-472C-A19C-2F7FD99E27A2} - System32\Tasks\Adobe online update program
Task: {73869B9D-DB0D-405B-801E-5583653B3E41} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76B62C4E-BD38-4B52-BFF6-AD9464BC52CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C9566E5-D2A1-41FB-89C1-7B010282EC06} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
Task: {8554C34D-45BC-482F-A417-BB2E54B7081D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {885D5FFC-EA41-4C48-A54D-78D590785301} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8288c457-7abf-47b1-915a-1cba5436d540 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {93A49E7F-1186-4BEC-8BE3-0D40F917831C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )
Task: {964B5EC8-1198-48D4-BA99-3E409C8AA920} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {984E0702-5366-46D6-8715-5FE4FB0BA17A} - System32\Tasks\SafeZone scheduled Autoupdate 1468805500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {98531241-73FF-4521-84B6-9225A5AD2E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {993EAA69-4517-452F-ADCD-F7182A1440E8} - System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
Task: {9C9BAB50-BF68-42B5-8F56-CCED34C4A633} - System32\Tasks\CreateChoiceProcessTask
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A03DCFE6-2A5B-4A00-9AAB-C2BA3F8A4235} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A8617A26-E171-4380-A5E8-9C265708D3B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB9A9508-94B9-4327-AD41-4F0BA8FBA4AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {B2628FAA-7471-4EEB-BEC7-F74F3C1F408B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B37F1A14-7D03-49D6-8F8C-D3DDFFE8F33E} - System32\Tasks\Java Update Scheduler
Task: {B50CBAE7-0187-4186-B6F6-0972B524E4F1} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo)
Task: {B5D4CB44-5395-4D3C-9A93-26E50D8BF419} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A60FC-1303-4FBF-9E9C-88CD803DB1FF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {C049F848-2EDA-41A1-A6AC-4FC63F86A0CA} - System32\Tasks\Google Updater and Installer
Task: {C54F2A1F-8481-489B-94F6-2762D400357F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE57ACE4-8C61-4C49-ACBC-DCF738B54066} - System32\Tasks\DropboxUpdateTaskMachineUA
Task: {D47836D1-E7FB-4341-AC01-B4523A7F0A60} - System32\Tasks\Synaptics TouchPad Enhancements
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D5B25AC7-193A-4744-AE36-1EFCD99BE697} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D636DF09-E3BF-4D0F-A7A0-F0748258A1D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D75EFDC1-5DE6-40C8-854E-F161CFA2C082} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D8387019-E798-45B6-B193-73466E390B03} - System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
Task: {DFA9FB0B-ADD8-450E-AA29-33CAD963D63D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFBD0585-C345-4B59-940F-CE65B86429BC} - System32\Tasks\DropboxUpdateTaskMachineCore
Task: {E288668C-8B30-4445-8FB8-9F5989A5D805} - System32\Tasks\Adobe Acrobat Update Task
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E659433D-3BCF-4675-BC19-4D659F4A2EAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EBA71650-D4B2-423B-BC50-6CA4734D8531} - System32\Tasks\Adobe Flash Player NPAPI Notifier
Task: {EFE87CE6-2B46-4246-874B-939F964EE1BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F0A0687B-C293-42AE-BD39-A90F0E45E5ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2570532-4BC6-4171-AC43-F8A46B8E00BE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {F28A1DB8-64D6-4E16-877A-B160A632FD35} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2D75B9D-3387-4901-AF42-7A32F369FEB3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F894D307-A1CE-4995-A998-077F24CFBBDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAF5DFA4-5D8A-4574-8BEA-4DB55A501A45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\X220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 00:05 - 2009-05-12 21:52 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DreamScene.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 002112000 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IUICHBE.DLL
2014-10-27 20:35 - 2014-05-16 15:56 - 005636096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mfc110u.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 000109056 _____ (SEIKO EPSON Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IAUDHBE.DLL
2014-10-27 20:33 - 2011-06-29 19:09 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-10-27 20:33 - 2011-06-29 19:09 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2019-03-15 15:49 - 2018-08-12 21:29 - 001255424 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-08 16:51 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-19 22:59 - 2019-03-09 12:41 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\X220\Pictures\Tara\Baletthöst2018-15.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B6B6E2AA-488E-468F-922D-EBA4D6226E0E}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5C33284-035A-46B4-A291-7B9E6B2480EA}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9A945C5-4831-4E08-AEF7-1B4D00F43A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A0B095-7798-4817-8647-A7BE3A7FCFC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5BC8DF0-25AE-4466-8DB1-925C22AF7B6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0DF0AA3B-FB29-4079-A87B-1985359FF09B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{22E663EA-F2A4-4D5F-9D79-F220BD3686B0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{B88B21F5-57B7-4CEB-BCFD-871975E626B7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [TCP Query User{A83717C1-F1CE-4636-A9C9-86E76B779798}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D56AFC1E-02D1-41CD-B206-CEC41E61A9FF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4431308-E1F8-474F-B1AA-590C89B568B7}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{1F35F1D6-391A-4AEA-A267-F22418D9C996}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{4A544143-A6F4-4D72-A09A-B3BFDA164936}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{85E415D0-F58C-4A2C-B227-9A8A4222F55F}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{BDDE0943-678E-4100-9B12-98927C203278}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{1CF4CA1F-A6BA-4E7B-A2D5-FF35C0058F93}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{42CDF962-ECA2-4401-B041-5356C8979B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{32564A6B-8409-43AF-8DD0-EB89A13D920D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E3F9E0-3FD0-4407-BF02-11859EE38D23}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAF79EE6-96A7-45FF-AF40-D103E377629E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{46BFC8CD-DB6B-4011-B9B8-A240DA372929}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{8B7C9F88-3025-40B1-A7EE-F3924B44600A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0A46E9A5-6105-48C4-B234-C9FC5A9ACC8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{186FAC33-E43D-4F99-93B3-4B548A59CDCD}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{67379F48-4031-4C45-ADDA-D7EF3429DFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/06/2019 07:55:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1a38
Faulting application start time: 0x01d4eca1dde64fed
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: d1ab4d5d-e9bf-41bd-b84e-e1f1d5002471
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:53:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x151c
Faulting application start time: 0x01d4eca1a2617efc
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 2f970408-c221-41b8-9f79-3116b8c10d6c
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:51:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x79c
Faulting application start time: 0x01d4eca166b860c7
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: d4384054-bd94-4beb-9066-93866771f733
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:50:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x22b8
Faulting application start time: 0x01d4eca0ef7aad46
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 636998e4-5c1a-4eb8-9e3b-ebc57b80e578
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:46:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0xff0
Faulting application start time: 0x01d4eca0b3e0540e
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: c567a790-fffb-466b-851f-3364e44d7094
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:45:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0x29f0
Faulting application start time: 0x01d4eca07841250f
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 968b4666-7336-47fc-b480-85176be768a8
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:44:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1364
Faulting application start time: 0x01d4eca0547bc6c5
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: ca13a225-1022-4c69-9753-f89d92c79f45
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/06/2019 07:42:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80070070
Fault offset: 0x00000000007e36ae
Faulting process id: 0xa94
Faulting application start time: 0x01d4eca024cd4978
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 47675155-bca1-4868-a691-1f3f43a6ff79
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
System errors:
=============
Error: (04/06/2019 07:48:10 PM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 07:37:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 07:36:06 PM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 07:15:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:14:27 PM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:13:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:13:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/06/2019 05:13:52 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
CodeIntegrity:
===================================
Date: 2019-04-06 17:14:13.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:12.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:41.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:32.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:28.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 13:44:38.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 13:44:34.709
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-03 09:22:54.045
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 39%
Total physical RAM: 8075.23 MB
Available physical RAM: 4917.79 MB
Total Virtual: 16267.23 MB
Available Virtual: 13200.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.3 GB) (Free:0.06 GB) NTFS
Drive d: (KIN_RED_128) (Removable) (Total:115.31 GB) (Free:102.55 GB) FAT32
\\?\Volume{f09e4b43-5dbf-11e4-a1da-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bc282ee2-0000-0000-0000-d0991d000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: BC282EE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=858 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 115.6 GB) (Disk ID: 677E6E90)
Partition 1: (Active) - (Size=115.3 GB) - (Type=0C)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: google se sam zavira
Zdravím!
Zkusíme PC vyčistit. Spusťte tuto utilitu:
Zkusíme PC vyčistit. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-05.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-07-2019
# Duration: 00:00:07
# OS: Windows 10 Pro
# Cleaned: 17
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\X220\AppData\Roaming\IOBIT\Driver Booster
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted HKU\.DEFAULT\SOFTWARE\BFA3D212B06A6B4F767A6B7FD49E5800
Deleted HKU\S-1-5-18\SOFTWARE\BFA3D212B06A6B4F767A6B7FD49E5800
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted FindWide
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted http://search.findwide.com/?guid={85EE7 ... }&serpv=22
Deleted http://search.findwide.com/?guid={85EE7 ... }&serpv=22
Deleted vi-view
Deleted vi-view
Deleted youndoo
Not Deleted FindWide
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2558 octets] - [07/04/2019 11:24:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-05.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-07-2019
# Duration: 00:00:07
# OS: Windows 10 Pro
# Cleaned: 17
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\IOBIT\Driver Booster
Deleted C:\Users\X220\AppData\Roaming\IOBIT\Driver Booster
***** [ Files ] *****
Deleted C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted HKU\.DEFAULT\SOFTWARE\BFA3D212B06A6B4F767A6B7FD49E5800
Deleted HKU\S-1-5-18\SOFTWARE\BFA3D212B06A6B4F767A6B7FD49E5800
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
Deleted FindWide
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted Softonic EN
Deleted http://search.findwide.com/?guid={85EE7 ... }&serpv=22
Deleted http://search.findwide.com/?guid={85EE7 ... }&serpv=22
Deleted vi-view
Deleted vi-view
Deleted youndoo
Not Deleted FindWide
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2558 octets] - [07/04/2019 11:24:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: google se sam zavira
Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by X220 (administrator) on X220-PC (07-04-2019 19:21:37)
Running from C:\Users\X220\Downloads
Loaded Profiles: X220 & DefaultAppPool (Available Profiles: X220 & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Japan) Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\X220\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHBE.EXE
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo (Japan) Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.464_none_eaf315ac1d6e512f\TiWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [384344 2014-02-17] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (LENOVO -> Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant Systems, Inc. -> Conexant systems, Inc.)
HKLM\...\Run: [IME14 KOR Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110776 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHS Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 KOR Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 JPN Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHT Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Run: [GoogleChromeAutoLaunch_53D957690F7090EE22C9B2AAB3AEA4EE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1716720 2019-03-20] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE [283232 2014-11-19] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{2ee8e95c-2e2c-4559-8291-7ddd3a1fc3cc}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{536cbbe9-e41f-4c3b-a8f9-dea740506360}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{cc8d2721-11ea-448a-96b8-5a402cb64177}: [DhcpNameServer] 192.168.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3465244428-113409522-2167852280-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: en0h23em.default
FF ProfilePath: C:\Users\X220\AppData\Roaming\TomTom\HOME\Profiles\lqh3uc1l.default [2018-02-22]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default [2019-04-04]
FF NewTab: Mozilla\Firefox\Profiles\en0h23em.default -> about:newtab
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default\Extensions\sp@avast.com.xpi [2019-02-06]
FF Extension: (Avast Online Security) - C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default\Extensions\wrc@avast.com.xpi [2019-02-06]
FF HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-10-27] [Legacy] [not signed]
FF HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://search.findwide.com/?guid={85EE7439-38F2-48C5-8D6E-0748D8390267}&serpv=22
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... google.com"
CHR DefaultSearchURL: ChromeDefaultData -> hxxps://mail.google.com/mail/u/0/#inbox
CHR Profile: C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-07] <==== ATTENTION
CHR Extension: (Slides) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-08]
CHR Extension: (Docs) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-08]
CHR Extension: (Google Drive) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Sheets) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-18]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-31] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-31] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] (Huawei Technologies Co., Ltd. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2018-01-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
S3 b06diag; C:\WINDOWS\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation -> Broadcom Corporation)
S3 BFN7x64; C:\WINDOWS\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [480040 2015-06-16] (Intel(R) Intel Network Drivers -> Intel Corporation)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-12] (Microsoft Windows -> Intel Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-07 11:40 - 2019-04-07 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-07 11:38 - 2019-04-07 11:38 - 000000000 ____D C:\WINDOWS\Panther
2019-04-07 11:23 - 2019-04-07 11:26 - 000000000 ____D C:\AdwCleaner
2019-04-07 11:22 - 2019-04-07 11:22 - 007025360 _____ (Malwarebytes) C:\Users\X220\Downloads\AdwCleaner.exe
2019-04-06 20:04 - 2019-04-06 20:08 - 000060010 _____ C:\Users\X220\Downloads\Addition.txt
2019-04-06 19:59 - 2019-04-07 19:23 - 000034569 _____ C:\Users\X220\Downloads\FRST.txt
2019-04-06 19:59 - 2019-04-07 19:21 - 000000000 ____D C:\FRST
2019-04-06 19:57 - 2019-04-06 19:57 - 002434048 _____ (Farbar) C:\Users\X220\Downloads\FRST64.exe
2019-04-03 22:59 - 2019-04-03 22:59 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-03-27 23:12 - 2019-03-27 23:11 - 000162937 ____C C:\Users\X220\Desktop\kontotransactionlist_2018_05-12.xls
2019-03-12 15:47 - 2019-04-03 15:23 - 000000000 ___DC C:\Users\X220\Desktop\vyhodit pozdeji
2019-03-09 23:16 - 2019-03-09 23:16 - 000000000 ___DC C:\Users\X220\AppData\LocalLow\uTorrent
2019-03-08 21:43 - 2019-04-02 09:50 - 000000000 ___DC C:\Users\X220\Desktop\vyhodit
2019-03-08 12:20 - 2019-03-11 22:44 - 000000000 ___DC C:\Users\X220\Documents\pending
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-07 19:20 - 2018-10-30 03:38 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-07 19:20 - 2018-10-30 03:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-07 15:42 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-07 11:43 - 2018-10-30 12:08 - 000774036 _____ C:\WINDOWS\system32\perfh01D.dat
2019-04-07 11:43 - 2018-10-30 12:08 - 000169034 _____ C:\WINDOWS\system32\perfc01D.dat
2019-04-07 11:43 - 2018-10-30 03:17 - 001902138 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-07 11:43 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-07 11:41 - 2016-08-31 11:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-07 11:39 - 2016-08-31 11:53 - 000000000 ___RD C:\Users\X220\Dropbox
2019-04-07 11:38 - 2018-10-30 03:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-07 11:38 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-07 11:26 - 2014-10-27 12:09 - 000000000 ___DC C:\Users\X220\AppData\Roaming\IObit
2019-04-07 11:26 - 2014-10-27 12:09 - 000000000 ____D C:\ProgramData\IObit
2019-04-07 10:35 - 2018-06-26 09:07 - 000000000 ___DC C:\Users\X220\AppData\Local\CrashDumps
2019-04-06 17:13 - 2018-10-30 03:21 - 000000000 ____D C:\Users\X220
2019-04-06 13:43 - 2017-01-10 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-06 13:43 - 2014-12-10 13:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-05 16:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-05 15:02 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-05 11:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-05 07:42 - 2018-10-30 03:38 - 000003440 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-05 07:42 - 2018-10-30 03:38 - 000003216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-05 07:42 - 2018-10-30 03:38 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3465244428-113409522-2167852280-1000
2019-04-05 07:42 - 2018-10-30 03:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-04 12:42 - 2018-03-05 12:51 - 000000000 ___DC C:\Users\X220\AppData\LocalLow\Mozilla
2019-04-04 11:05 - 2014-12-10 13:57 - 000001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-27 14:57 - 2018-10-30 03:21 - 000002397 ____C C:\Users\X220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-27 14:57 - 2016-06-24 23:03 - 000000000 ___RD C:\Users\X220\OneDrive
2019-03-26 11:49 - 2015-04-26 16:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-26 11:49 - 2015-04-26 16:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-25 12:02 - 2018-03-05 18:49 - 000000000 ___RD C:\Users\X220\3D Objects
2019-03-22 23:56 - 2017-10-18 11:37 - 000000000 ____D C:\Program Files\rempl
2019-03-22 00:46 - 2018-11-11 14:10 - 000000000 ____D C:\ProgramData\Packages
2019-03-21 14:58 - 2015-05-12 11:25 - 000000000 ___DC C:\Users\X220\Documents\jobs
2019-03-20 00:49 - 2018-10-20 23:48 - 000000000 ___DC C:\Users\X220\AppData\Roaming\vlc
2019-03-16 01:00 - 2009-07-14 04:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-03-13 07:55 - 2014-10-27 21:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 07:43 - 2014-10-27 12:03 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-12 14:21 - 2017-01-03 14:00 - 000000000 ___DC C:\Users\X220\Documents\important
2019-03-12 11:52 - 2015-05-27 00:51 - 000000000 ___DC C:\Users\X220\Documents\technical
2019-03-11 23:59 - 2016-07-22 16:51 - 000000000 ___DC C:\Users\X220\Documents\finance
2019-03-11 14:01 - 2014-11-14 00:36 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-10 00:29 - 2014-12-21 02:53 - 000000000 ___DC C:\Users\X220\AppData\Roaming\uTorrent
2019-03-09 23:18 - 2018-03-31 09:11 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-09 23:18 - 2018-03-31 09:11 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-03-09 12:47 - 2016-08-31 11:50 - 000001016 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-09 12:47 - 2016-08-31 11:50 - 000001012 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-03-09 12:41 - 2019-02-19 22:59 - 000000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Google Updater and Installer
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe online update program
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
==================== Files in the root of some directories =======
2016-06-17 08:54 - 2016-06-17 08:54 - 000000225 ____C () C:\Users\X220\AppData\Roaming\10-sub-pixel-bgr.conf
2016-06-17 08:54 - 2016-06-17 08:54 - 000004341 ____C () C:\Users\X220\AppData\Roaming\administration.config
2016-06-17 08:54 - 2016-06-17 08:54 - 000003472 ____C () C:\Users\X220\AppData\Roaming\Adobe-GB1-0
2016-06-17 08:54 - 2016-06-17 08:54 - 000003524 ____C () C:\Users\X220\AppData\Roaming\Adobe-Japan1-1
2016-06-17 08:54 - 2016-06-17 08:54 - 000002400 ____C () C:\Users\X220\AppData\Roaming\AlienFX.Communication.Andromeda.tlb
2016-06-17 08:54 - 2016-06-17 08:54 - 000003244 ____C () C:\Users\X220\AppData\Roaming\api-doc.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000000599 ____C () C:\Users\X220\AppData\Roaming\blue.svg
2016-06-17 08:53 - 2016-06-17 08:53 - 000001234 ____C () C:\Users\X220\AppData\Roaming\body.end.indent.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000004399 ____C () C:\Users\X220\AppData\Roaming\b_ar.jpg
2016-06-17 08:53 - 2016-06-17 08:53 - 000002011 ____C () C:\Users\X220\AppData\Roaming\calendar.rdf
2016-06-17 08:53 - 2016-06-17 08:53 - 000001290 ____C () C:\Users\X220\AppData\Roaming\callout.unicode.start.character.xml
2013-04-16 09:00 - 2013-04-16 09:00 - 000049763 ____C () C:\Users\X220\AppData\Roaming\Catboat.m
2016-06-17 08:53 - 2016-06-17 08:53 - 000001464 ____C () C:\Users\X220\AppData\Roaming\cp_keyboard.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000000946 ____C () C:\Users\X220\AppData\Roaming\crop.mark.bleed.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000003973 ____C () C:\Users\X220\AppData\Roaming\editSettings.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000001704 ____C () C:\Users\X220\AppData\Roaming\f1.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000003652 ____C () C:\Users\X220\AppData\Roaming\generate.toc.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000001309 ____C () C:\Users\X220\AppData\Roaming\glossterm.auto.link.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000000935 ____C () C:\Users\X220\AppData\Roaming\glossterm.width.xml
1986-05-12 09:00 - 1986-05-12 09:00 - 000001750 ____C () C:\Users\X220\AppData\Roaming\MasseurChromophore.uPS
2018-03-04 00:09 - 2018-03-04 00:09 - 000029696 ____C () C:\Users\X220\AppData\Local\MSGBOX.EXE
2018-12-06 11:52 - 2018-12-06 11:52 - 000000017 ____C () C:\Users\X220\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2019-04-06 13:51 - 2019-04-06 13:51 - 000000000 ____C () C:\Users\X220\AppData\Local\Temp\{1512CBF1-54D5-43C2-815E-1F6BCBDAEF69}-DropboxClient_70.4.93.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-30 03:15
==================== End of FRST.txt ============================
Ran by X220 (administrator) on X220-PC (07-04-2019 19:21:37)
Running from C:\Users\X220\Downloads
Loaded Profiles: X220 & DefaultAppPool (Available Profiles: X220 & DefaultAppPool)
Platform: Windows 10 Pro Version 1803 17134.523 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo (Japan) Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SRORest.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Lenovo(Japan)Ltd. -> Lenovo.) C:\Windows\System32\TpShocks.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\X220\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHBE.EXE
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo (Japan) Ltd. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1812.10048.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.464_none_eaf315ac1d6e512f\TiWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [TpShocks] => C:\WINDOWS\system32\TpShocks.exe [384344 2014-02-17] (Lenovo(Japan)Ltd. -> Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [388600 2013-04-15] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1665824 2014-06-23] (LENOVO -> Lenovo Group Limited)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant Systems, Inc. -> Conexant systems, Inc.)
HKLM\...\Run: [IME14 KOR Uninstall] => C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [110776 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHS Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 KOR Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 JPN Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [IME14 CHT Uninstall] => C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMEKLMG.EXE [81080 2015-10-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4426560 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [259976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Run: [GoogleChromeAutoLaunch_53D957690F7090EE22C9B2AAB3AEA4EE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1716720 2019-03-20] (Google LLC -> Google Inc.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHBE.EXE [283232 2014-11-19] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [217088 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\Installer\chrmstp.exe [2019-03-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
Lsa: [Notification Packages] scecli C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{2ee8e95c-2e2c-4559-8291-7ddd3a1fc3cc}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{536cbbe9-e41f-4c3b-a8f9-dea740506360}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{cc8d2721-11ea-448a-96b8-5a402cb64177}: [DhcpNameServer] 192.168.10.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\S-1-5-21-3465244428-113409522-2167852280-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FireFox:
========
FF DefaultProfile: en0h23em.default
FF ProfilePath: C:\Users\X220\AppData\Roaming\TomTom\HOME\Profiles\lqh3uc1l.default [2018-02-22]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default [2019-04-04]
FF NewTab: Mozilla\Firefox\Profiles\en0h23em.default -> about:newtab
FF Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default\Extensions\sp@avast.com.xpi [2019-02-06]
FF Extension: (Avast Online Security) - C:\Users\X220\AppData\Roaming\Mozilla\Firefox\Profiles\en0h23em.default\Extensions\wrc@avast.com.xpi [2019-02-06]
FF HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2014-10-27] [Legacy] [not signed]
FF HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: (McAfee Security Scan Plus) - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-15] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-03-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-27] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://search.findwide.com/?guid={85EE7439-38F2-48C5-8D6E-0748D8390267}&serpv=22
CHR StartupUrls: ChromeDefaultData -> "hxxps://www.google.com/?trackid=sp-006","hxxps: ... google.com"
CHR DefaultSearchURL: ChromeDefaultData -> hxxps://mail.google.com/mail/u/0/#inbox
CHR Profile: C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-07] <==== ATTENTION
CHR Extension: (Slides) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-08]
CHR Extension: (Docs) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-08]
CHR Extension: (Google Drive) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-23]
CHR Extension: (YouTube) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-11-08]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-02-04]
CHR Extension: (Sheets) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-08]
CHR Extension: (Google Docs Offline) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-24]
CHR Extension: (Avast Online Security) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-02-18]
CHR Extension: (ThinkVantage Password Manager) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lpdfbkehegfmedglgemnhbnpmfmioggj [2017-11-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-07]
CHR Extension: (Gmail) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-11-08]
CHR Extension: (Chrome Media Router) - C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6758976 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-03-31] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\72.0.1174.121\elevation_service.exe [1070600 2019-03-06] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-31] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-08-31] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] (Huawei Technologies Co., Ltd. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ShareItSvc; C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe [31176 2016-01-20] (LENOVO -> SHAREit Technologies Co.Ltd)
R2 SROSVC; C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\SROSVC.exe [446800 2012-03-05] (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2018-01-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-31] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [225680 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196072 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320696 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57960 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249672 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167304 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1034432 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [474456 2019-02-15] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216784 2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [379952 2019-03-11] (AVAST Software s.r.o. -> AVAST Software)
S3 b06diag; C:\WINDOWS\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation -> Broadcom Corporation)
S3 BFN7x64; C:\WINDOWS\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc. -> Bigfoot Networks, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 e1cexpress; C:\WINDOWS\system32\DRIVERS\e1c65x64.sys [480040 2015-06-16] (Intel(R) Intel Network Drivers -> Intel Corporation)
R3 igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [5382856 2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2018-04-12] (Microsoft Windows -> Intel Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52912 2015-08-07] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46184 2018-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [328696 2018-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-07 11:40 - 2019-04-07 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-07 11:38 - 2019-04-07 11:38 - 000000000 ____D C:\WINDOWS\Panther
2019-04-07 11:23 - 2019-04-07 11:26 - 000000000 ____D C:\AdwCleaner
2019-04-07 11:22 - 2019-04-07 11:22 - 007025360 _____ (Malwarebytes) C:\Users\X220\Downloads\AdwCleaner.exe
2019-04-06 20:04 - 2019-04-06 20:08 - 000060010 _____ C:\Users\X220\Downloads\Addition.txt
2019-04-06 19:59 - 2019-04-07 19:23 - 000034569 _____ C:\Users\X220\Downloads\FRST.txt
2019-04-06 19:59 - 2019-04-07 19:21 - 000000000 ____D C:\FRST
2019-04-06 19:57 - 2019-04-06 19:57 - 002434048 _____ (Farbar) C:\Users\X220\Downloads\FRST64.exe
2019-04-03 22:59 - 2019-04-03 22:59 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-03 22:59 - 2019-04-03 22:59 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-03-27 23:12 - 2019-03-27 23:11 - 000162937 ____C C:\Users\X220\Desktop\kontotransactionlist_2018_05-12.xls
2019-03-12 15:47 - 2019-04-03 15:23 - 000000000 ___DC C:\Users\X220\Desktop\vyhodit pozdeji
2019-03-09 23:16 - 2019-03-09 23:16 - 000000000 ___DC C:\Users\X220\AppData\LocalLow\uTorrent
2019-03-08 21:43 - 2019-04-02 09:50 - 000000000 ___DC C:\Users\X220\Desktop\vyhodit
2019-03-08 12:20 - 2019-03-11 22:44 - 000000000 ___DC C:\Users\X220\Documents\pending
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-07 19:20 - 2018-10-30 03:38 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-07 19:20 - 2018-10-30 03:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-07 15:42 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-07 11:43 - 2018-10-30 12:08 - 000774036 _____ C:\WINDOWS\system32\perfh01D.dat
2019-04-07 11:43 - 2018-10-30 12:08 - 000169034 _____ C:\WINDOWS\system32\perfc01D.dat
2019-04-07 11:43 - 2018-10-30 03:17 - 001902138 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-07 11:43 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-07 11:41 - 2016-08-31 11:49 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-07 11:39 - 2016-08-31 11:53 - 000000000 ___RD C:\Users\X220\Dropbox
2019-04-07 11:38 - 2018-10-30 03:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-07 11:38 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-07 11:26 - 2014-10-27 12:09 - 000000000 ___DC C:\Users\X220\AppData\Roaming\IObit
2019-04-07 11:26 - 2014-10-27 12:09 - 000000000 ____D C:\ProgramData\IObit
2019-04-07 10:35 - 2018-06-26 09:07 - 000000000 ___DC C:\Users\X220\AppData\Local\CrashDumps
2019-04-06 17:13 - 2018-10-30 03:21 - 000000000 ____D C:\Users\X220
2019-04-06 13:43 - 2017-01-10 14:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-06 13:43 - 2014-12-10 13:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-05 16:42 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-05 15:02 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-05 11:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-05 07:42 - 2018-10-30 03:38 - 000003440 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-05 07:42 - 2018-10-30 03:38 - 000003216 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-05 07:42 - 2018-10-30 03:38 - 000002858 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3465244428-113409522-2167852280-1000
2019-04-05 07:42 - 2018-10-30 03:38 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-04 12:42 - 2018-03-05 12:51 - 000000000 ___DC C:\Users\X220\AppData\LocalLow\Mozilla
2019-04-04 11:05 - 2014-12-10 13:57 - 000001147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-27 14:57 - 2018-10-30 03:21 - 000002397 ____C C:\Users\X220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-03-27 14:57 - 2016-06-24 23:03 - 000000000 ___RD C:\Users\X220\OneDrive
2019-03-26 11:49 - 2015-04-26 16:08 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-26 11:49 - 2015-04-26 16:08 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-25 12:02 - 2018-03-05 18:49 - 000000000 ___RD C:\Users\X220\3D Objects
2019-03-22 23:56 - 2017-10-18 11:37 - 000000000 ____D C:\Program Files\rempl
2019-03-22 00:46 - 2018-11-11 14:10 - 000000000 ____D C:\ProgramData\Packages
2019-03-21 14:58 - 2015-05-12 11:25 - 000000000 ___DC C:\Users\X220\Documents\jobs
2019-03-20 00:49 - 2018-10-20 23:48 - 000000000 ___DC C:\Users\X220\AppData\Roaming\vlc
2019-03-16 01:00 - 2009-07-14 04:34 - 000000478 _____ C:\WINDOWS\win.ini
2019-03-13 07:55 - 2014-10-27 21:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 07:43 - 2014-10-27 12:03 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-12 14:21 - 2017-01-03 14:00 - 000000000 ___DC C:\Users\X220\Documents\important
2019-03-12 11:52 - 2015-05-27 00:51 - 000000000 ___DC C:\Users\X220\Documents\technical
2019-03-11 23:59 - 2016-07-22 16:51 - 000000000 ___DC C:\Users\X220\Documents\finance
2019-03-11 14:01 - 2014-11-14 00:36 - 000379952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-03-10 00:29 - 2014-12-21 02:53 - 000000000 ___DC C:\Users\X220\AppData\Roaming\uTorrent
2019-03-09 23:18 - 2018-03-31 09:11 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-03-09 23:18 - 2018-03-31 09:11 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2019-03-09 12:47 - 2016-08-31 11:50 - 000001016 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-03-09 12:47 - 2016-08-31 11:50 - 000001012 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-03-09 12:41 - 2019-02-19 22:59 - 000000437 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Java Update Scheduler
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Google Updater and Installer
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe online update program
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
2019-03-08 14:42 - 2018-10-30 03:38 - 000000000 _____ C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
==================== Files in the root of some directories =======
2016-06-17 08:54 - 2016-06-17 08:54 - 000000225 ____C () C:\Users\X220\AppData\Roaming\10-sub-pixel-bgr.conf
2016-06-17 08:54 - 2016-06-17 08:54 - 000004341 ____C () C:\Users\X220\AppData\Roaming\administration.config
2016-06-17 08:54 - 2016-06-17 08:54 - 000003472 ____C () C:\Users\X220\AppData\Roaming\Adobe-GB1-0
2016-06-17 08:54 - 2016-06-17 08:54 - 000003524 ____C () C:\Users\X220\AppData\Roaming\Adobe-Japan1-1
2016-06-17 08:54 - 2016-06-17 08:54 - 000002400 ____C () C:\Users\X220\AppData\Roaming\AlienFX.Communication.Andromeda.tlb
2016-06-17 08:54 - 2016-06-17 08:54 - 000003244 ____C () C:\Users\X220\AppData\Roaming\api-doc.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000000599 ____C () C:\Users\X220\AppData\Roaming\blue.svg
2016-06-17 08:53 - 2016-06-17 08:53 - 000001234 ____C () C:\Users\X220\AppData\Roaming\body.end.indent.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000004399 ____C () C:\Users\X220\AppData\Roaming\b_ar.jpg
2016-06-17 08:53 - 2016-06-17 08:53 - 000002011 ____C () C:\Users\X220\AppData\Roaming\calendar.rdf
2016-06-17 08:53 - 2016-06-17 08:53 - 000001290 ____C () C:\Users\X220\AppData\Roaming\callout.unicode.start.character.xml
2013-04-16 09:00 - 2013-04-16 09:00 - 000049763 ____C () C:\Users\X220\AppData\Roaming\Catboat.m
2016-06-17 08:53 - 2016-06-17 08:53 - 000001464 ____C () C:\Users\X220\AppData\Roaming\cp_keyboard.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000000946 ____C () C:\Users\X220\AppData\Roaming\crop.mark.bleed.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000003973 ____C () C:\Users\X220\AppData\Roaming\editSettings.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000001704 ____C () C:\Users\X220\AppData\Roaming\f1.png
2016-06-17 08:53 - 2016-06-17 08:53 - 000003652 ____C () C:\Users\X220\AppData\Roaming\generate.toc.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000001309 ____C () C:\Users\X220\AppData\Roaming\glossterm.auto.link.xml
2016-06-17 08:53 - 2016-06-17 08:53 - 000000935 ____C () C:\Users\X220\AppData\Roaming\glossterm.width.xml
1986-05-12 09:00 - 1986-05-12 09:00 - 000001750 ____C () C:\Users\X220\AppData\Roaming\MasseurChromophore.uPS
2018-03-04 00:09 - 2018-03-04 00:09 - 000029696 ____C () C:\Users\X220\AppData\Local\MSGBOX.EXE
2018-12-06 11:52 - 2018-12-06 11:52 - 000000017 ____C () C:\Users\X220\AppData\Local\resmon.resmoncfg
Some files in TEMP:
====================
2019-04-06 13:51 - 2019-04-06 13:51 - 000000000 ____C () C:\Users\X220\AppData\Local\Temp\{1512CBF1-54D5-43C2-815E-1F6BCBDAEF69}-DropboxClient_70.4.93.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-30 03:15
==================== End of FRST.txt ============================
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by X220 (07-04-2019 19:24:04)
Running from C:\Users\X220\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-10-30 01:39:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3465244428-113409522-2167852280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465244428-113409522-2167852280-503 - Limited - Disabled)
Guest (S-1-5-21-3465244428-113409522-2167852280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3465244428-113409522-2167852280-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3465244428-113409522-2167852280-504 - Limited - Disabled)
X220 (S-1-5-21-3465244428-113409522-2167852280-1000 - Administrator - Enabled) => C:\Users\X220
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.6.1.4 - Finansiell ID-Teknik BID AB)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Dropbox (HKLM-x32\...\Dropbox) (Version: 70.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.1.0 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.34.5295 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Handelsbanken card reader (HKLM-x32\...\{1E08E4C7-69F9-4723-B05B-4FABEDF29AC2}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Swedish/svenska (HKLM\...\Office15.OMUI.sv-se) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM-x32\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - čeština (HKLM\...\{90150000-00BD-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.24 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 65.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-GB)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{66C3FB2D-57A3-4EE6-A3BB-DC50D45E933F}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-004B-0000-0000-0000000FF1CE}_Office14.PROOFKIT_{C380F832-0AA6-42C4-BB48-E92C91EE814E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav-guiden (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Aktivt skyddssystem (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) Hidden
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\X220\Dropbox [2016-08-31 11:53]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\WINDOWS\System32\DreamScene.dll [2009-05-12] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {09B44554-2B08-4743-A164-63C76BD662CB} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe (Lenovo -> )
Task: {09C41847-FEF9-48EE-B50D-FD012EDDA751} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A92CA84-DFEF-4D97-AA33-CF6C0A599322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dffd44b8-6827-4a9f-bc56-11d7ea94eeca => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1542B8EC-B1FF-4946-8963-FABA214DE999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {23327A46-A5E2-48AD-8435-2F2DB0035E3D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {25AB34F5-0779-413D-8694-9B142BF89FFC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {275D9D0B-B0D8-4BE5-8DB4-7E50BA78B7DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27AD8380-9380-42F1-8AB3-ED34BBAE5FCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {35B50C57-1734-47C8-9D06-443F3EABABC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {398501A0-7132-4F67-AEA9-C2EEE076D39A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39F3647E-7F00-4DCD-8D1D-A1016F51EBD5} - System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
Task: {3D92860C-B21B-45CE-A180-6883CB015FA3} - System32\Tasks\Adobe Flash Player Updater
Task: {3F66AF80-28F0-4AA9-AB6C-A4490A6D59B1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40D155C4-EA3F-4638-AE5C-2DFB5C0C39E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {47042ECB-29EC-4B7F-823C-60CE7AA1603A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {4774B3DE-32D1-4848-BE55-A6447D2C915C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4B685ACA-F90C-4709-A112-C4793186F955} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {4D71C1E9-BC7A-47B2-80DD-619028DE2998} - System32\Tasks\avastBCLRestartS-1-5-21-3465244428-113409522-2167852280-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {5103CB21-7F5E-43B7-B9F6-4CB4F3D6169C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AE04450-E6D4-435A-B178-271A9700A0B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F4AD908-C831-4242-B7D1-1D7E35E0FBBE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68306DDC-C6B9-421C-9C4C-1D782696B0C1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {6BECC42E-6CF8-41F5-BB09-73BDC5F7837A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D423B76-A74F-472C-A19C-2F7FD99E27A2} - System32\Tasks\Adobe online update program
Task: {73869B9D-DB0D-405B-801E-5583653B3E41} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76B62C4E-BD38-4B52-BFF6-AD9464BC52CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C9566E5-D2A1-41FB-89C1-7B010282EC06} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
Task: {8554C34D-45BC-482F-A417-BB2E54B7081D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {885D5FFC-EA41-4C48-A54D-78D590785301} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8288c457-7abf-47b1-915a-1cba5436d540 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {93A49E7F-1186-4BEC-8BE3-0D40F917831C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )
Task: {964B5EC8-1198-48D4-BA99-3E409C8AA920} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {984E0702-5366-46D6-8715-5FE4FB0BA17A} - System32\Tasks\SafeZone scheduled Autoupdate 1468805500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {98531241-73FF-4521-84B6-9225A5AD2E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {993EAA69-4517-452F-ADCD-F7182A1440E8} - System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
Task: {9C9BAB50-BF68-42B5-8F56-CCED34C4A633} - System32\Tasks\CreateChoiceProcessTask
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A03DCFE6-2A5B-4A00-9AAB-C2BA3F8A4235} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A8617A26-E171-4380-A5E8-9C265708D3B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB9A9508-94B9-4327-AD41-4F0BA8FBA4AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {B2628FAA-7471-4EEB-BEC7-F74F3C1F408B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B37F1A14-7D03-49D6-8F8C-D3DDFFE8F33E} - System32\Tasks\Java Update Scheduler
Task: {B50CBAE7-0187-4186-B6F6-0972B524E4F1} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo)
Task: {B5D4CB44-5395-4D3C-9A93-26E50D8BF419} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A60FC-1303-4FBF-9E9C-88CD803DB1FF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {C049F848-2EDA-41A1-A6AC-4FC63F86A0CA} - System32\Tasks\Google Updater and Installer
Task: {C54F2A1F-8481-489B-94F6-2762D400357F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE57ACE4-8C61-4C49-ACBC-DCF738B54066} - System32\Tasks\DropboxUpdateTaskMachineUA
Task: {D47836D1-E7FB-4341-AC01-B4523A7F0A60} - System32\Tasks\Synaptics TouchPad Enhancements
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D5B25AC7-193A-4744-AE36-1EFCD99BE697} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D636DF09-E3BF-4D0F-A7A0-F0748258A1D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D75EFDC1-5DE6-40C8-854E-F161CFA2C082} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D8387019-E798-45B6-B193-73466E390B03} - System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
Task: {DFA9FB0B-ADD8-450E-AA29-33CAD963D63D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFBD0585-C345-4B59-940F-CE65B86429BC} - System32\Tasks\DropboxUpdateTaskMachineCore
Task: {E288668C-8B30-4445-8FB8-9F5989A5D805} - System32\Tasks\Adobe Acrobat Update Task
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E659433D-3BCF-4675-BC19-4D659F4A2EAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EBA71650-D4B2-423B-BC50-6CA4734D8531} - System32\Tasks\Adobe Flash Player NPAPI Notifier
Task: {EFE87CE6-2B46-4246-874B-939F964EE1BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F0A0687B-C293-42AE-BD39-A90F0E45E5ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2570532-4BC6-4171-AC43-F8A46B8E00BE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {F28A1DB8-64D6-4E16-877A-B160A632FD35} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2D75B9D-3387-4901-AF42-7A32F369FEB3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F894D307-A1CE-4995-A998-077F24CFBBDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAF5DFA4-5D8A-4574-8BEA-4DB55A501A45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\X220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 00:05 - 2009-05-12 21:52 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DreamScene.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 002112000 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IUICHBE.DLL
2014-10-27 20:35 - 2014-05-16 15:56 - 005636096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mfc110u.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 000109056 _____ (SEIKO EPSON Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IAUDHBE.DLL
2014-10-27 20:33 - 2011-06-29 19:09 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-10-27 20:33 - 2011-06-29 19:09 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-08 16:51 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-19 22:59 - 2019-03-09 12:41 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\X220\Pictures\Tara\Baletthöst2018-15.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B6B6E2AA-488E-468F-922D-EBA4D6226E0E}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5C33284-035A-46B4-A291-7B9E6B2480EA}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9A945C5-4831-4E08-AEF7-1B4D00F43A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A0B095-7798-4817-8647-A7BE3A7FCFC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5BC8DF0-25AE-4466-8DB1-925C22AF7B6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0DF0AA3B-FB29-4079-A87B-1985359FF09B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{22E663EA-F2A4-4D5F-9D79-F220BD3686B0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{B88B21F5-57B7-4CEB-BCFD-871975E626B7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [TCP Query User{A83717C1-F1CE-4636-A9C9-86E76B779798}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D56AFC1E-02D1-41CD-B206-CEC41E61A9FF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4431308-E1F8-474F-B1AA-590C89B568B7}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{1F35F1D6-391A-4AEA-A267-F22418D9C996}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{4A544143-A6F4-4D72-A09A-B3BFDA164936}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{85E415D0-F58C-4A2C-B227-9A8A4222F55F}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{BDDE0943-678E-4100-9B12-98927C203278}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{1CF4CA1F-A6BA-4E7B-A2D5-FF35C0058F93}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{42CDF962-ECA2-4401-B041-5356C8979B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{32564A6B-8409-43AF-8DD0-EB89A13D920D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E3F9E0-3FD0-4407-BF02-11859EE38D23}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAF79EE6-96A7-45FF-AF40-D103E377629E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{46BFC8CD-DB6B-4011-B9B8-A240DA372929}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{8B7C9F88-3025-40B1-A7EE-F3924B44600A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0A46E9A5-6105-48C4-B234-C9FC5A9ACC8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67379F48-4031-4C45-ADDA-D7EF3429DFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{2D734C78-03B0-4CE0-AA19-3F4678E9B81E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:38:56 AM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373
Error: (04/07/2019 10:35:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0xb28
Faulting application start time: 0x01d4ed1cce182533
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 8eaf4da2-f342-45aa-bd62-02406538ca28
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1550
Faulting application start time: 0x01d4ed1cc22fc758
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: a73374a3-7f49-46f3-9800-0e5279d636a3
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x2e8c
Faulting application start time: 0x01d4ed18e6db4dbd
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 6485459c-f533-40f9-af7a-83bc47e9c0d6
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17134.471, time stamp: 0x7ba55a2a
Faulting module name: ntdll.dll, version: 10.0.17134.471, time stamp: 0x7e614c22
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x140c
Faulting application start time: 0x01d4ed184422c016
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 4ec1fca5-26fe-4a10-b78a-371a37020af9
Faulting package full name:
Faulting package-relative application ID:
Error: (04/07/2019 10:07:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1d34
Faulting application start time: 0x01d4ed18e30c8a99
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 5cc6de3f-0306-4568-813e-0bc1daa4cb57
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
System errors:
=============
Error: (04/07/2019 07:25:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 07:20:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 03:42:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (04/07/2019 11:42:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:39:59 AM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:37 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
CodeIntegrity:
===================================
Date: 2019-04-07 11:38:59.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:58.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:05.953
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:13.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:12.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:41.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:32.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:28.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 8075.23 MB
Available physical RAM: 2991.78 MB
Total Virtual: 16267.23 MB
Available Virtual: 10498.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.3 GB) (Free:8.09 GB) NTFS
Drive d: (KIN_RED_128) (Removable) (Total:115.31 GB) (Free:102.55 GB) FAT32
\\?\Volume{f09e4b43-5dbf-11e4-a1da-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bc282ee2-0000-0000-0000-d0991d000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: BC282EE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=858 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 115.6 GB) (Disk ID: 677E6E90)
Partition 1: (Active) - (Size=115.3 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by X220 (07-04-2019 19:24:04)
Running from C:\Users\X220\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-10-30 01:39:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3465244428-113409522-2167852280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465244428-113409522-2167852280-503 - Limited - Disabled)
Guest (S-1-5-21-3465244428-113409522-2167852280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3465244428-113409522-2167852280-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3465244428-113409522-2167852280-504 - Limited - Disabled)
X220 (S-1-5-21-3465244428-113409522-2167852280-1000 - Administrator - Enabled) => C:\Users\X220
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.6.1.4 - Finansiell ID-Teknik BID AB)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Dropbox (HKLM-x32\...\Dropbox) (Version: 70.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.1.0 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.34.5295 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Handelsbanken card reader (HKLM-x32\...\{1E08E4C7-69F9-4723-B05B-4FABEDF29AC2}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Swedish/svenska (HKLM\...\Office15.OMUI.sv-se) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM-x32\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - čeština (HKLM\...\{90150000-00BD-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.24 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 65.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-GB)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{66C3FB2D-57A3-4EE6-A3BB-DC50D45E933F}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-004B-0000-0000-0000000FF1CE}_Office14.PROOFKIT_{C380F832-0AA6-42C4-BB48-E92C91EE814E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav-guiden (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Aktivt skyddssystem (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) Hidden
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\X220\Dropbox [2016-08-31 11:53]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\WINDOWS\System32\DreamScene.dll [2009-05-12] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {09B44554-2B08-4743-A164-63C76BD662CB} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe (Lenovo -> )
Task: {09C41847-FEF9-48EE-B50D-FD012EDDA751} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A92CA84-DFEF-4D97-AA33-CF6C0A599322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dffd44b8-6827-4a9f-bc56-11d7ea94eeca => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1542B8EC-B1FF-4946-8963-FABA214DE999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {23327A46-A5E2-48AD-8435-2F2DB0035E3D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {25AB34F5-0779-413D-8694-9B142BF89FFC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {275D9D0B-B0D8-4BE5-8DB4-7E50BA78B7DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27AD8380-9380-42F1-8AB3-ED34BBAE5FCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {35B50C57-1734-47C8-9D06-443F3EABABC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {398501A0-7132-4F67-AEA9-C2EEE076D39A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39F3647E-7F00-4DCD-8D1D-A1016F51EBD5} - System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
Task: {3D92860C-B21B-45CE-A180-6883CB015FA3} - System32\Tasks\Adobe Flash Player Updater
Task: {3F66AF80-28F0-4AA9-AB6C-A4490A6D59B1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40D155C4-EA3F-4638-AE5C-2DFB5C0C39E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {47042ECB-29EC-4B7F-823C-60CE7AA1603A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {4774B3DE-32D1-4848-BE55-A6447D2C915C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4B685ACA-F90C-4709-A112-C4793186F955} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {4D71C1E9-BC7A-47B2-80DD-619028DE2998} - System32\Tasks\avastBCLRestartS-1-5-21-3465244428-113409522-2167852280-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {5103CB21-7F5E-43B7-B9F6-4CB4F3D6169C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AE04450-E6D4-435A-B178-271A9700A0B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F4AD908-C831-4242-B7D1-1D7E35E0FBBE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68306DDC-C6B9-421C-9C4C-1D782696B0C1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {6BECC42E-6CF8-41F5-BB09-73BDC5F7837A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D423B76-A74F-472C-A19C-2F7FD99E27A2} - System32\Tasks\Adobe online update program
Task: {73869B9D-DB0D-405B-801E-5583653B3E41} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76B62C4E-BD38-4B52-BFF6-AD9464BC52CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C9566E5-D2A1-41FB-89C1-7B010282EC06} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
Task: {8554C34D-45BC-482F-A417-BB2E54B7081D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {885D5FFC-EA41-4C48-A54D-78D590785301} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8288c457-7abf-47b1-915a-1cba5436d540 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {93A49E7F-1186-4BEC-8BE3-0D40F917831C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )
Task: {964B5EC8-1198-48D4-BA99-3E409C8AA920} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {984E0702-5366-46D6-8715-5FE4FB0BA17A} - System32\Tasks\SafeZone scheduled Autoupdate 1468805500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {98531241-73FF-4521-84B6-9225A5AD2E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {993EAA69-4517-452F-ADCD-F7182A1440E8} - System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
Task: {9C9BAB50-BF68-42B5-8F56-CCED34C4A633} - System32\Tasks\CreateChoiceProcessTask
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A03DCFE6-2A5B-4A00-9AAB-C2BA3F8A4235} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A8617A26-E171-4380-A5E8-9C265708D3B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB9A9508-94B9-4327-AD41-4F0BA8FBA4AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {B2628FAA-7471-4EEB-BEC7-F74F3C1F408B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B37F1A14-7D03-49D6-8F8C-D3DDFFE8F33E} - System32\Tasks\Java Update Scheduler
Task: {B50CBAE7-0187-4186-B6F6-0972B524E4F1} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo)
Task: {B5D4CB44-5395-4D3C-9A93-26E50D8BF419} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A60FC-1303-4FBF-9E9C-88CD803DB1FF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {C049F848-2EDA-41A1-A6AC-4FC63F86A0CA} - System32\Tasks\Google Updater and Installer
Task: {C54F2A1F-8481-489B-94F6-2762D400357F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE57ACE4-8C61-4C49-ACBC-DCF738B54066} - System32\Tasks\DropboxUpdateTaskMachineUA
Task: {D47836D1-E7FB-4341-AC01-B4523A7F0A60} - System32\Tasks\Synaptics TouchPad Enhancements
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D5B25AC7-193A-4744-AE36-1EFCD99BE697} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D636DF09-E3BF-4D0F-A7A0-F0748258A1D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D75EFDC1-5DE6-40C8-854E-F161CFA2C082} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D8387019-E798-45B6-B193-73466E390B03} - System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
Task: {DFA9FB0B-ADD8-450E-AA29-33CAD963D63D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFBD0585-C345-4B59-940F-CE65B86429BC} - System32\Tasks\DropboxUpdateTaskMachineCore
Task: {E288668C-8B30-4445-8FB8-9F5989A5D805} - System32\Tasks\Adobe Acrobat Update Task
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E659433D-3BCF-4675-BC19-4D659F4A2EAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EBA71650-D4B2-423B-BC50-6CA4734D8531} - System32\Tasks\Adobe Flash Player NPAPI Notifier
Task: {EFE87CE6-2B46-4246-874B-939F964EE1BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F0A0687B-C293-42AE-BD39-A90F0E45E5ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2570532-4BC6-4171-AC43-F8A46B8E00BE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {F28A1DB8-64D6-4E16-877A-B160A632FD35} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2D75B9D-3387-4901-AF42-7A32F369FEB3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F894D307-A1CE-4995-A998-077F24CFBBDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAF5DFA4-5D8A-4574-8BEA-4DB55A501A45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\X220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 00:05 - 2009-05-12 21:52 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DreamScene.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 002112000 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IUICHBE.DLL
2014-10-27 20:35 - 2014-05-16 15:56 - 005636096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mfc110u.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 000109056 _____ (SEIKO EPSON Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IAUDHBE.DLL
2014-10-27 20:33 - 2011-06-29 19:09 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-10-27 20:33 - 2011-06-29 19:09 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-08 16:51 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-19 22:59 - 2019-03-09 12:41 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\X220\Pictures\Tara\Baletthöst2018-15.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B6B6E2AA-488E-468F-922D-EBA4D6226E0E}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5C33284-035A-46B4-A291-7B9E6B2480EA}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9A945C5-4831-4E08-AEF7-1B4D00F43A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A0B095-7798-4817-8647-A7BE3A7FCFC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5BC8DF0-25AE-4466-8DB1-925C22AF7B6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0DF0AA3B-FB29-4079-A87B-1985359FF09B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{22E663EA-F2A4-4D5F-9D79-F220BD3686B0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{B88B21F5-57B7-4CEB-BCFD-871975E626B7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [TCP Query User{A83717C1-F1CE-4636-A9C9-86E76B779798}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D56AFC1E-02D1-41CD-B206-CEC41E61A9FF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4431308-E1F8-474F-B1AA-590C89B568B7}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{1F35F1D6-391A-4AEA-A267-F22418D9C996}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{4A544143-A6F4-4D72-A09A-B3BFDA164936}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{85E415D0-F58C-4A2C-B227-9A8A4222F55F}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{BDDE0943-678E-4100-9B12-98927C203278}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{1CF4CA1F-A6BA-4E7B-A2D5-FF35C0058F93}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{42CDF962-ECA2-4401-B041-5356C8979B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{32564A6B-8409-43AF-8DD0-EB89A13D920D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E3F9E0-3FD0-4407-BF02-11859EE38D23}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAF79EE6-96A7-45FF-AF40-D103E377629E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{46BFC8CD-DB6B-4011-B9B8-A240DA372929}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{8B7C9F88-3025-40B1-A7EE-F3924B44600A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0A46E9A5-6105-48C4-B234-C9FC5A9ACC8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67379F48-4031-4C45-ADDA-D7EF3429DFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{2D734C78-03B0-4CE0-AA19-3F4678E9B81E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:38:56 AM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373
Error: (04/07/2019 10:35:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0xb28
Faulting application start time: 0x01d4ed1cce182533
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 8eaf4da2-f342-45aa-bd62-02406538ca28
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1550
Faulting application start time: 0x01d4ed1cc22fc758
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: a73374a3-7f49-46f3-9800-0e5279d636a3
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x2e8c
Faulting application start time: 0x01d4ed18e6db4dbd
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 6485459c-f533-40f9-af7a-83bc47e9c0d6
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17134.471, time stamp: 0x7ba55a2a
Faulting module name: ntdll.dll, version: 10.0.17134.471, time stamp: 0x7e614c22
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x140c
Faulting application start time: 0x01d4ed184422c016
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 4ec1fca5-26fe-4a10-b78a-371a37020af9
Faulting package full name:
Faulting package-relative application ID:
Error: (04/07/2019 10:07:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1d34
Faulting application start time: 0x01d4ed18e30c8a99
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 5cc6de3f-0306-4568-813e-0bc1daa4cb57
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
System errors:
=============
Error: (04/07/2019 07:25:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 07:20:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 03:42:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (04/07/2019 11:42:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:39:59 AM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:37 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
CodeIntegrity:
===================================
Date: 2019-04-07 11:38:59.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:58.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:05.953
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:13.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:12.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:41.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:32.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:28.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 8075.23 MB
Available physical RAM: 2991.78 MB
Total Virtual: 16267.23 MB
Available Virtual: 10498.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.3 GB) (Free:8.09 GB) NTFS
Drive d: (KIN_RED_128) (Removable) (Total:115.31 GB) (Free:102.55 GB) FAT32
\\?\Volume{f09e4b43-5dbf-11e4-a1da-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bc282ee2-0000-0000-0000-d0991d000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: BC282EE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=858 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 115.6 GB) (Disk ID: 677E6E90)
Partition 1: (Active) - (Size=115.3 GB) - (Type=0C)
==================== End of Addition.txt ============================
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by X220 (07-04-2019 19:24:04)
Running from C:\Users\X220\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-10-30 01:39:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3465244428-113409522-2167852280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465244428-113409522-2167852280-503 - Limited - Disabled)
Guest (S-1-5-21-3465244428-113409522-2167852280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3465244428-113409522-2167852280-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3465244428-113409522-2167852280-504 - Limited - Disabled)
X220 (S-1-5-21-3465244428-113409522-2167852280-1000 - Administrator - Enabled) => C:\Users\X220
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.6.1.4 - Finansiell ID-Teknik BID AB)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Dropbox (HKLM-x32\...\Dropbox) (Version: 70.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.1.0 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.34.5295 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Handelsbanken card reader (HKLM-x32\...\{1E08E4C7-69F9-4723-B05B-4FABEDF29AC2}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Swedish/svenska (HKLM\...\Office15.OMUI.sv-se) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM-x32\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - čeština (HKLM\...\{90150000-00BD-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.24 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 65.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-GB)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{66C3FB2D-57A3-4EE6-A3BB-DC50D45E933F}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-004B-0000-0000-0000000FF1CE}_Office14.PROOFKIT_{C380F832-0AA6-42C4-BB48-E92C91EE814E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav-guiden (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Aktivt skyddssystem (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) Hidden
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\X220\Dropbox [2016-08-31 11:53]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\WINDOWS\System32\DreamScene.dll [2009-05-12] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {09B44554-2B08-4743-A164-63C76BD662CB} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe (Lenovo -> )
Task: {09C41847-FEF9-48EE-B50D-FD012EDDA751} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A92CA84-DFEF-4D97-AA33-CF6C0A599322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dffd44b8-6827-4a9f-bc56-11d7ea94eeca => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1542B8EC-B1FF-4946-8963-FABA214DE999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {23327A46-A5E2-48AD-8435-2F2DB0035E3D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {25AB34F5-0779-413D-8694-9B142BF89FFC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {275D9D0B-B0D8-4BE5-8DB4-7E50BA78B7DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27AD8380-9380-42F1-8AB3-ED34BBAE5FCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {35B50C57-1734-47C8-9D06-443F3EABABC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {398501A0-7132-4F67-AEA9-C2EEE076D39A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39F3647E-7F00-4DCD-8D1D-A1016F51EBD5} - System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
Task: {3D92860C-B21B-45CE-A180-6883CB015FA3} - System32\Tasks\Adobe Flash Player Updater
Task: {3F66AF80-28F0-4AA9-AB6C-A4490A6D59B1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40D155C4-EA3F-4638-AE5C-2DFB5C0C39E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {47042ECB-29EC-4B7F-823C-60CE7AA1603A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {4774B3DE-32D1-4848-BE55-A6447D2C915C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4B685ACA-F90C-4709-A112-C4793186F955} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {4D71C1E9-BC7A-47B2-80DD-619028DE2998} - System32\Tasks\avastBCLRestartS-1-5-21-3465244428-113409522-2167852280-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {5103CB21-7F5E-43B7-B9F6-4CB4F3D6169C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AE04450-E6D4-435A-B178-271A9700A0B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F4AD908-C831-4242-B7D1-1D7E35E0FBBE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68306DDC-C6B9-421C-9C4C-1D782696B0C1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {6BECC42E-6CF8-41F5-BB09-73BDC5F7837A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D423B76-A74F-472C-A19C-2F7FD99E27A2} - System32\Tasks\Adobe online update program
Task: {73869B9D-DB0D-405B-801E-5583653B3E41} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76B62C4E-BD38-4B52-BFF6-AD9464BC52CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C9566E5-D2A1-41FB-89C1-7B010282EC06} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
Task: {8554C34D-45BC-482F-A417-BB2E54B7081D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {885D5FFC-EA41-4C48-A54D-78D590785301} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8288c457-7abf-47b1-915a-1cba5436d540 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {93A49E7F-1186-4BEC-8BE3-0D40F917831C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )
Task: {964B5EC8-1198-48D4-BA99-3E409C8AA920} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {984E0702-5366-46D6-8715-5FE4FB0BA17A} - System32\Tasks\SafeZone scheduled Autoupdate 1468805500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {98531241-73FF-4521-84B6-9225A5AD2E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {993EAA69-4517-452F-ADCD-F7182A1440E8} - System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
Task: {9C9BAB50-BF68-42B5-8F56-CCED34C4A633} - System32\Tasks\CreateChoiceProcessTask
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A03DCFE6-2A5B-4A00-9AAB-C2BA3F8A4235} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A8617A26-E171-4380-A5E8-9C265708D3B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB9A9508-94B9-4327-AD41-4F0BA8FBA4AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {B2628FAA-7471-4EEB-BEC7-F74F3C1F408B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B37F1A14-7D03-49D6-8F8C-D3DDFFE8F33E} - System32\Tasks\Java Update Scheduler
Task: {B50CBAE7-0187-4186-B6F6-0972B524E4F1} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo)
Task: {B5D4CB44-5395-4D3C-9A93-26E50D8BF419} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A60FC-1303-4FBF-9E9C-88CD803DB1FF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {C049F848-2EDA-41A1-A6AC-4FC63F86A0CA} - System32\Tasks\Google Updater and Installer
Task: {C54F2A1F-8481-489B-94F6-2762D400357F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE57ACE4-8C61-4C49-ACBC-DCF738B54066} - System32\Tasks\DropboxUpdateTaskMachineUA
Task: {D47836D1-E7FB-4341-AC01-B4523A7F0A60} - System32\Tasks\Synaptics TouchPad Enhancements
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D5B25AC7-193A-4744-AE36-1EFCD99BE697} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D636DF09-E3BF-4D0F-A7A0-F0748258A1D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D75EFDC1-5DE6-40C8-854E-F161CFA2C082} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D8387019-E798-45B6-B193-73466E390B03} - System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
Task: {DFA9FB0B-ADD8-450E-AA29-33CAD963D63D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFBD0585-C345-4B59-940F-CE65B86429BC} - System32\Tasks\DropboxUpdateTaskMachineCore
Task: {E288668C-8B30-4445-8FB8-9F5989A5D805} - System32\Tasks\Adobe Acrobat Update Task
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E659433D-3BCF-4675-BC19-4D659F4A2EAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EBA71650-D4B2-423B-BC50-6CA4734D8531} - System32\Tasks\Adobe Flash Player NPAPI Notifier
Task: {EFE87CE6-2B46-4246-874B-939F964EE1BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F0A0687B-C293-42AE-BD39-A90F0E45E5ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2570532-4BC6-4171-AC43-F8A46B8E00BE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {F28A1DB8-64D6-4E16-877A-B160A632FD35} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2D75B9D-3387-4901-AF42-7A32F369FEB3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F894D307-A1CE-4995-A998-077F24CFBBDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAF5DFA4-5D8A-4574-8BEA-4DB55A501A45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\X220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 00:05 - 2009-05-12 21:52 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DreamScene.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 002112000 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IUICHBE.DLL
2014-10-27 20:35 - 2014-05-16 15:56 - 005636096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mfc110u.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 000109056 _____ (SEIKO EPSON Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IAUDHBE.DLL
2014-10-27 20:33 - 2011-06-29 19:09 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-10-27 20:33 - 2011-06-29 19:09 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-08 16:51 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-19 22:59 - 2019-03-09 12:41 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\X220\Pictures\Tara\Baletthöst2018-15.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B6B6E2AA-488E-468F-922D-EBA4D6226E0E}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5C33284-035A-46B4-A291-7B9E6B2480EA}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9A945C5-4831-4E08-AEF7-1B4D00F43A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A0B095-7798-4817-8647-A7BE3A7FCFC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5BC8DF0-25AE-4466-8DB1-925C22AF7B6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0DF0AA3B-FB29-4079-A87B-1985359FF09B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{22E663EA-F2A4-4D5F-9D79-F220BD3686B0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{B88B21F5-57B7-4CEB-BCFD-871975E626B7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [TCP Query User{A83717C1-F1CE-4636-A9C9-86E76B779798}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D56AFC1E-02D1-41CD-B206-CEC41E61A9FF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4431308-E1F8-474F-B1AA-590C89B568B7}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{1F35F1D6-391A-4AEA-A267-F22418D9C996}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{4A544143-A6F4-4D72-A09A-B3BFDA164936}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{85E415D0-F58C-4A2C-B227-9A8A4222F55F}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{BDDE0943-678E-4100-9B12-98927C203278}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{1CF4CA1F-A6BA-4E7B-A2D5-FF35C0058F93}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{42CDF962-ECA2-4401-B041-5356C8979B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{32564A6B-8409-43AF-8DD0-EB89A13D920D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E3F9E0-3FD0-4407-BF02-11859EE38D23}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAF79EE6-96A7-45FF-AF40-D103E377629E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{46BFC8CD-DB6B-4011-B9B8-A240DA372929}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{8B7C9F88-3025-40B1-A7EE-F3924B44600A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0A46E9A5-6105-48C4-B234-C9FC5A9ACC8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67379F48-4031-4C45-ADDA-D7EF3429DFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{2D734C78-03B0-4CE0-AA19-3F4678E9B81E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:38:56 AM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373
Error: (04/07/2019 10:35:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0xb28
Faulting application start time: 0x01d4ed1cce182533
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 8eaf4da2-f342-45aa-bd62-02406538ca28
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1550
Faulting application start time: 0x01d4ed1cc22fc758
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: a73374a3-7f49-46f3-9800-0e5279d636a3
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x2e8c
Faulting application start time: 0x01d4ed18e6db4dbd
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 6485459c-f533-40f9-af7a-83bc47e9c0d6
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17134.471, time stamp: 0x7ba55a2a
Faulting module name: ntdll.dll, version: 10.0.17134.471, time stamp: 0x7e614c22
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x140c
Faulting application start time: 0x01d4ed184422c016
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 4ec1fca5-26fe-4a10-b78a-371a37020af9
Faulting package full name:
Faulting package-relative application ID:
Error: (04/07/2019 10:07:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1d34
Faulting application start time: 0x01d4ed18e30c8a99
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 5cc6de3f-0306-4568-813e-0bc1daa4cb57
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
System errors:
=============
Error: (04/07/2019 07:25:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 07:20:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 03:42:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (04/07/2019 11:42:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:39:59 AM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:37 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
CodeIntegrity:
===================================
Date: 2019-04-07 11:38:59.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:58.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:05.953
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:13.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:12.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:41.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:32.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:28.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 8075.23 MB
Available physical RAM: 2991.78 MB
Total Virtual: 16267.23 MB
Available Virtual: 10498.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.3 GB) (Free:8.09 GB) NTFS
Drive d: (KIN_RED_128) (Removable) (Total:115.31 GB) (Free:102.55 GB) FAT32
\\?\Volume{f09e4b43-5dbf-11e4-a1da-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bc282ee2-0000-0000-0000-d0991d000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: BC282EE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=858 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 115.6 GB) (Disk ID: 677E6E90)
Partition 1: (Active) - (Size=115.3 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by X220 (07-04-2019 19:24:04)
Running from C:\Users\X220\Downloads
Windows 10 Pro Version 1803 17134.523 (X64) (2018-10-30 01:39:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3465244428-113409522-2167852280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3465244428-113409522-2167852280-503 - Limited - Disabled)
Guest (S-1-5-21-3465244428-113409522-2167852280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3465244428-113409522-2167852280-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3465244428-113409522-2167852280-504 - Limited - Disabled)
X220 (S-1-5-21-3465244428-113409522-2167852280-1000 - Administrator - Enabled) => C:\Users\X220
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\uTorrent) (Version: 3.5.5.45095 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.142 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 72.0.1174.121 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
BankID säkerhetsprogram (HKLM-x32\...\{77B5BCDC-5496-48DA-8B16-5EE2AF08CA31}) (Version: 7.6.1.4 - Finansiell ID-Teknik BID AB)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.79.0.2015 - Georgy Berdyshev)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Dropbox (HKLM-x32\...\Dropbox) (Version: 70.4.93 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version: - SEIKO EPSON Corporation)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.1.0 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.34.5295 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Handelsbanken card reader (HKLM-x32\...\{1E08E4C7-69F9-4723-B05B-4FABEDF29AC2}) (Version: 1.00.0000 - Todos Data System AB)
Handelsbanken kortläsare (HKLM-x32\...\{D4C30AE2-EAFE-4E28-A3BA-7CF7485E23C4}) (Version: 1.00.0000 - Todos Data System AB)
Intel(R) Chipset Device Software (HKLM-x32\...\{98f335cd-0a32-4b3f-b74c-ef9480e834f0}) (Version: 10.0.27 - Intel(R) Corporation) Hidden
Intel(R) Driver Update Utility 2.0 (HKLM-x32\...\{59DB38EB-F864-4E10-841D-38CFBCF864B0}) (Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 20.0.10.0 (HKLM\...\PROSetDX) (Version: 20.0.10.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4101 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
IrfanView 4.51 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.51 - Irfan Skiljan)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.10.15 - Lenovo)
Lenovo Screen Reading Optimizer (HKLM-x32\...\{91A29166-4E1B-4664-B70B-4C4A3B6B3372}) (Version: 1.16 - Lenovo)
Lenovo Settings - Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Language Pack 2013 - Swedish/svenska (HKLM\...\Office15.OMUI.sv-se) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2010 (HKLM-x32\...\Office14.PROOFKIT) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office ScreenTip Language 2013 - čeština (HKLM\...\{90150000-00BD-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3465244428-113409522-2167852280-1000\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.24 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 65.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 65.0.2 (x64 en-GB)) (Version: 65.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 65.0.2.6995 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.73.01 - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{66C3FB2D-57A3-4EE6-A3BB-DC50D45E933F}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-004B-0000-0000-0000000FF1CE}_Office14.PROOFKIT_{C380F832-0AA6-42C4-BB48-E92C91EE814E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.543 - Lenovo)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad UltraNav-guiden (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Aktivt skyddssystem (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.79.00.03 - Lenovo) Hidden
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.07 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo)
ThinkVantage Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 4.60.4.0 - Lenovo Group Limited)
Update for Skype for Business 2015 (KB4462135) 64-Bit Edition (HKLM\...\{90150000-012B-041D-1000-0000000FF1CE}_Office15.OMUI.sv-se_{03CD37B7-E1EB-42AE-9BC3-3687E679668B}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3465244428-113409522-2167852280-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\X220\Dropbox [2016-08-31 11:53]
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [4171480 2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google Inc -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google Inc -> Google)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\WINDOWS\System32\DreamScene.dll [2009-05-12] (Microsoft Corporation -> Microsoft Corporation) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-03] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-08] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {09B44554-2B08-4743-A164-63C76BD662CB} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe (Lenovo -> )
Task: {09C41847-FEF9-48EE-B50D-FD012EDDA751} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0A92CA84-DFEF-4D97-AA33-CF6C0A599322} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dffd44b8-6827-4a9f-bc56-11d7ea94eeca => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1542B8EC-B1FF-4946-8963-FABA214DE999} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {23327A46-A5E2-48AD-8435-2F2DB0035E3D} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe (Lenovo -> Lenovo Group Ltd.)
Task: {25AB34F5-0779-413D-8694-9B142BF89FFC} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {275D9D0B-B0D8-4BE5-8DB4-7E50BA78B7DA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {27AD8380-9380-42F1-8AB3-ED34BBAE5FCB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {35B50C57-1734-47C8-9D06-443F3EABABC5} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {398501A0-7132-4F67-AEA9-C2EEE076D39A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {39F3647E-7F00-4DCD-8D1D-A1016F51EBD5} - System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
Task: {3D92860C-B21B-45CE-A180-6883CB015FA3} - System32\Tasks\Adobe Flash Player Updater
Task: {3F66AF80-28F0-4AA9-AB6C-A4490A6D59B1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe (LENOVO -> Lenovo)
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {40D155C4-EA3F-4638-AE5C-2DFB5C0C39E7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {47042ECB-29EC-4B7F-823C-60CE7AA1603A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {4774B3DE-32D1-4848-BE55-A6447D2C915C} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4B685ACA-F90C-4709-A112-C4793186F955} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe (LENOVO -> Lenovo)
Task: {4D71C1E9-BC7A-47B2-80DD-619028DE2998} - System32\Tasks\avastBCLRestartS-1-5-21-3465244428-113409522-2167852280-1000 => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Task: {5103CB21-7F5E-43B7-B9F6-4CB4F3D6169C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5AE04450-E6D4-435A-B178-271A9700A0B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F4AD908-C831-4242-B7D1-1D7E35E0FBBE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {68306DDC-C6B9-421C-9C4C-1D782696B0C1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {6BECC42E-6CF8-41F5-BB09-73BDC5F7837A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D423B76-A74F-472C-A19C-2F7FD99E27A2} - System32\Tasks\Adobe online update program
Task: {73869B9D-DB0D-405B-801E-5583653B3E41} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {76B62C4E-BD38-4B52-BFF6-AD9464BC52CD} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {7C9566E5-D2A1-41FB-89C1-7B010282EC06} - System32\Tasks\Lenovo\SROptimizer => C:\Program Files (x86)\Lenovo\Screen Reading Optimizer\\SRORest.exe (Lenovo (Japan) Ltd. -> Lenovo Group Limited)
Task: {8554C34D-45BC-482F-A417-BB2E54B7081D} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe (LENOVO -> Lenovo)
Task: {885D5FFC-EA41-4C48-A54D-78D590785301} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\8288c457-7abf-47b1-915a-1cba5436d540 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (Lenovo -> Lenovo Group Ltd.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {93A49E7F-1186-4BEC-8BE3-0D40F917831C} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe (LENOVO -> )
Task: {964B5EC8-1198-48D4-BA99-3E409C8AA920} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (LENOVO -> Lenovo)
Task: {984E0702-5366-46D6-8715-5FE4FB0BA17A} - System32\Tasks\SafeZone scheduled Autoupdate 1468805500 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (AVAST Software s.r.o. -> Avast Software)
Task: {98531241-73FF-4521-84B6-9225A5AD2E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe
Task: {993EAA69-4517-452F-ADCD-F7182A1440E8} - System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
Task: {9C9BAB50-BF68-42B5-8F56-CCED34C4A633} - System32\Tasks\CreateChoiceProcessTask
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A03DCFE6-2A5B-4A00-9AAB-C2BA3F8A4235} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A8617A26-E171-4380-A5E8-9C265708D3B5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AB9A9508-94B9-4327-AD41-4F0BA8FBA4AE} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {B2628FAA-7471-4EEB-BEC7-F74F3C1F408B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B37F1A14-7D03-49D6-8F8C-D3DDFFE8F33E} - System32\Tasks\Java Update Scheduler
Task: {B50CBAE7-0187-4186-B6F6-0972B524E4F1} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe (Lenovo -> Lenovo)
Task: {B5D4CB44-5395-4D3C-9A93-26E50D8BF419} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B69A60FC-1303-4FBF-9E9C-88CD803DB1FF} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {C049F848-2EDA-41A1-A6AC-4FC63F86A0CA} - System32\Tasks\Google Updater and Installer
Task: {C54F2A1F-8481-489B-94F6-2762D400357F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CE57ACE4-8C61-4C49-ACBC-DCF738B54066} - System32\Tasks\DropboxUpdateTaskMachineUA
Task: {D47836D1-E7FB-4341-AC01-B4523A7F0A60} - System32\Tasks\Synaptics TouchPad Enhancements
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {D5B25AC7-193A-4744-AE36-1EFCD99BE697} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D636DF09-E3BF-4D0F-A7A0-F0748258A1D8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {D75EFDC1-5DE6-40C8-854E-F161CFA2C082} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {D8387019-E798-45B6-B193-73466E390B03} - System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
Task: {DFA9FB0B-ADD8-450E-AA29-33CAD963D63D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DFBD0585-C345-4B59-940F-CE65B86429BC} - System32\Tasks\DropboxUpdateTaskMachineCore
Task: {E288668C-8B30-4445-8FB8-9F5989A5D805} - System32\Tasks\Adobe Acrobat Update Task
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {E659433D-3BCF-4675-BC19-4D659F4A2EAC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {EBA71650-D4B2-423B-BC50-6CA4734D8531} - System32\Tasks\Adobe Flash Player NPAPI Notifier
Task: {EFE87CE6-2B46-4246-874B-939F964EE1BD} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {F0A0687B-C293-42AE-BD39-A90F0E45E5ED} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2570532-4BC6-4171-AC43-F8A46B8E00BE} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe (Lenovo -> )
Task: {F28A1DB8-64D6-4E16-877A-B160A632FD35} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F2D75B9D-3387-4901-AF42-7A32F369FEB3} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {F894D307-A1CE-4995-A998-077F24CFBBDC} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FAF5DFA4-5D8A-4574-8BEA-4DB55A501A45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
ShortcutWithArgument: C:\Users\X220\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\360c22b137d62ce9\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData
==================== Loaded Modules (Whitelisted) ==============
2014-11-14 00:05 - 2009-05-12 21:52 - 000275360 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\WINDOWS\System32\DreamScene.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 002112000 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IUICHBE.DLL
2014-10-27 20:35 - 2014-05-16 15:56 - 005636096 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\SYSTEM32\mfc110u.dll
2014-11-19 10:02 - 2014-11-19 10:01 - 000109056 _____ (SEIKO EPSON Corporation) [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IAUDHBE.DLL
2014-10-27 20:33 - 2011-06-29 19:09 - 002085888 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cv210.dll
2014-10-27 20:33 - 2011-06-29 19:09 - 002201088 _____ () [File not signed] C:\Program Files\Lenovo\AutoLock\cxcore210.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-08 16:51 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-02-19 22:59 - 2019-03-09 12:41 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3465244428-113409522-2167852280-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\X220\Pictures\Tara\Baletthöst2018-15.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Block)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B6B6E2AA-488E-468F-922D-EBA4D6226E0E}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F5C33284-035A-46B4-A291-7B9E6B2480EA}] => (Allow) C:\Users\X220\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E9A945C5-4831-4E08-AEF7-1B4D00F43A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A0B095-7798-4817-8647-A7BE3A7FCFC0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{B5BC8DF0-25AE-4466-8DB1-925C22AF7B6D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0DF0AA3B-FB29-4079-A87B-1985359FF09B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{22E663EA-F2A4-4D5F-9D79-F220BD3686B0}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{B88B21F5-57B7-4CEB-BCFD-871975E626B7}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> SHAREit Technologies Co.Ltd)
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [TCP Query User{A83717C1-F1CE-4636-A9C9-86E76B779798}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{D56AFC1E-02D1-41CD-B206-CEC41E61A9FF}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4431308-E1F8-474F-B1AA-590C89B568B7}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{1F35F1D6-391A-4AEA-A267-F22418D9C996}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{4A544143-A6F4-4D72-A09A-B3BFDA164936}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{85E415D0-F58C-4A2C-B227-9A8A4222F55F}] => (Allow) C:\Program Files (x86)\Audiograbber\audiograbber.exe () [File not signed]
FirewallRules: [{BDDE0943-678E-4100-9B12-98927C203278}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.607\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{1CF4CA1F-A6BA-4E7B-A2D5-FF35C0058F93}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe (AVAST Software s.r.o. -> Avast Software)
FirewallRules: [{42CDF962-ECA2-4401-B041-5356C8979B8B}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{32564A6B-8409-43AF-8DD0-EB89A13D920D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{F2E3F9E0-3FD0-4407-BF02-11859EE38D23}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{AAF79EE6-96A7-45FF-AF40-D103E377629E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{46BFC8CD-DB6B-4011-B9B8-A240DA372929}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{8B7C9F88-3025-40B1-A7EE-F3924B44600A}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{0A46E9A5-6105-48C4-B234-C9FC5A9ACC8E}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{67379F48-4031-4C45-ADDA-D7EF3429DFE0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{2D734C78-03B0-4CE0-AA19-3F4678E9B81E}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Base System Device
Description: Base System Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:40:58 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Cannot find object or property.
Error: (04/07/2019 11:38:56 AM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373
Error: (04/07/2019 10:35:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0xb28
Faulting application start time: 0x01d4ed1cce182533
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 8eaf4da2-f342-45aa-bd62-02406538ca28
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1550
Faulting application start time: 0x01d4ed1cc22fc758
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: a73374a3-7f49-46f3-9800-0e5279d636a3
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:34:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x2e8c
Faulting application start time: 0x01d4ed18e6db4dbd
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 6485459c-f533-40f9-af7a-83bc47e9c0d6
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
Error: (04/07/2019 10:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.17134.471, time stamp: 0x7ba55a2a
Faulting module name: ntdll.dll, version: 10.0.17134.471, time stamp: 0x7e614c22
Exception code: 0xc0000005
Fault offset: 0x0000000000024989
Faulting process id: 0x140c
Faulting application start time: 0x01d4ed184422c016
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 4ec1fca5-26fe-4a10-b78a-371a37020af9
Faulting package full name:
Faulting package-relative application ID:
Error: (04/07/2019 10:07:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkypeApp.exe, version: 8.42.0.60, time stamp: 0x5c9a553b
Faulting module name: SharedLibrary.dll, version: 2.2.27405.0, time stamp: 0x5c59d1be
Exception code: 0x80004005
Fault offset: 0x00000000007e36ae
Faulting process id: 0x1d34
Faulting application start time: 0x01d4ed18e30c8a99
Faulting application path: C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.2.2_2.2.27405.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
Report Id: 5cc6de3f-0306-4568-813e-0bc1daa4cb57
Faulting package full name: Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c
Faulting package-relative application ID: App
System errors:
=============
Error: (04/07/2019 07:25:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 07:20:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 03:42:34 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (04/07/2019 11:42:23 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:39:59 AM) (Source: DCOM) (EventID: 10016) (User: X220-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user X220-PC\X220 SID (S-1-5-21-3465244428-113409522-2167852280-1000) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/07/2019 11:38:37 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files. Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft.com/fwlink/?LinkId=245898.
CodeIntegrity:
===================================
Date: 2019-04-07 11:38:59.468
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:58.867
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-07 11:38:05.953
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:13.178
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 17:14:12.065
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:41.519
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:32.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2019-04-06 14:36:28.593
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 62%
Total physical RAM: 8075.23 MB
Available physical RAM: 2991.78 MB
Total Virtual: 16267.23 MB
Available Virtual: 10498.52 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.3 GB) (Free:8.09 GB) NTFS
Drive d: (KIN_RED_128) (Removable) (Total:115.31 GB) (Free:102.55 GB) FAT32
\\?\Volume{f09e4b43-5dbf-11e4-a1da-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{bc282ee2-0000-0000-0000-d0991d000000}\ () (Fixed) (Total:0.84 GB) (Free:0.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 119.2 GB) (Disk ID: BC282EE2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=858 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 115.6 GB) (Disk ID: 677E6E90)
Partition 1: (Active) - (Size=115.3 GB) - (Type=0C)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: google se sam zavira
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\X220\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
CHR Profile: C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-07] <==== ATTENTION
C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
C:\Users\X220\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
dekuji, udelala jsem, laptop se nestartoval a zadny novy log se mi neukazal a ani neni v downloads
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: google se sam zavira
To je divné. V C:\Users\X220\Downloads by měl být soubor fixlog.txt. Jeho obsah potřebuji vidět.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by X220 (07-04-2019 21:31:49) Run:1
Running from C:\Users\X220\Downloads
Loaded Profiles: X220 (Available Profiles: X220 & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
CHR Profile: C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-07] <==== ATTENTION
C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
C:\Users\X220\AppData\Local\Temp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0168B5F3-281B-45F1-B568-B5C686F78EA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0168B5F3-281B-45F1-B568-B5C686F78EA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{041EB440-6926-42D5-A58C-0AB44866C44E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{041EB440-6926-42D5-A58C-0AB44866C44E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14A5E6AE-67FD-4162-943F-5CD0DB2928A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14A5E6AE-67FD-4162-943F-5CD0DB2928A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BFA72C1-DDFD-44E8-A337-B51C81B12073} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BFA72C1-DDFD-44E8-A337-B51C81B12073} => removed successfully
C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B2A99F7A-548F-4434-9868-C46E812BA52E} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26823DAE-00ED-44A6-8F88-A39BCE8C576A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26823DAE-00ED-44A6-8F88-A39BCE8C576A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E6D9D78-CC0F-42B0-ABED-E8D84453A701}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E6D9D78-CC0F-42B0-ABED-E8D84453A701}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{332BAB05-F614-4E3F-B170-0F27ADE3A6CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{332BAB05-F614-4E3F-B170-0F27ADE3A6CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F916550-4529-4685-8B50-2D101F463ABF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F916550-4529-4685-8B50-2D101F463ABF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42BC1E7B-195C-4461-838A-FF782B8248FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42BC1E7B-195C-4461-838A-FF782B8248FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{608C888E-4E18-4AB0-ADB9-DFFFB81046B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{608C888E-4E18-4AB0-ADB9-DFFFB81046B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6392D9D3-E2CF-426A-811B-A8DE6658B7C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6392D9D3-E2CF-426A-811B-A8DE6658B7C0}" => removed successfully
C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6ABB0007-FAE7-437B-8353-383AF93E2750}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{677A5117-066E-4649-9EE2-285E0EDD3E31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{677A5117-066E-4649-9EE2-285E0EDD3E31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A6B806D-CD1E-4298-ABAF-B243D0F6ED92}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A6B806D-CD1E-4298-ABAF-B243D0F6ED92}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PMTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7753299F-0B81-428A-B82F-8272FAA919AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7753299F-0B81-428A-B82F-8272FAA919AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79528E82-A595-4BB6-B8DE-A117C0E2F506} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79528E82-A595-4BB6-B8DE-A117C0E2F506} => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B468F1D-99D0-4FAD-92A7-95161D064753}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B468F1D-99D0-4FAD-92A7-95161D064753}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A28371D-8238-4F77-951E-3F50BFD16FE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A28371D-8238-4F77-951E-3F50BFD16FE7}" => removed successfully
C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DD003C3-C7A5-4148-BEFB-296EE5921C7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DD003C3-C7A5-4148-BEFB-296EE5921C7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADCBB6B0-4310-4691-B356-D34F3123BF18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADCBB6B0-4310-4691-B356-D34F3123BF18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE441702-4E95-4BA1-B1DE-05B18EF99D07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE441702-4E95-4BA1-B1DE-05B18EF99D07}" => removed successfully
C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{20707FE6-55A3-43A8-B142-0733BC494804}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEEA9873-A412-44C8-983C-15708AC443EB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEEA9873-A412-44C8-983C-15708AC443EB} => removed successfully
C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4C90B16-BEE8-4564-BBA4-24911864ACBB} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D490CC98-2CAA-4DCA-8711-1EA12D087826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D490CC98-2CAA-4DCA-8711-1EA12D087826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E39942BE-7738-47D7-9D1C-588CE098B91E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E39942BE-7738-47D7-9D1C-588CE098B91E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAA95DE4-EE7B-43EF-9F6F-85EE484B6029}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAA95DE4-EE7B-43EF-9F6F-85EE484B6029}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD7F0B2A-6331-4238-B5D8-5C4783C25571}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD7F0B2A-6331-4238-B5D8-5C4783C25571}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{06830813-857C-4928-8594-BECF5DDD0261}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E680413D-4A77-441D-A146-55558CEE589B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{599A3C42-D488-47F1-9F04-E18397B5CB8D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64F745CB-FF62-4673-8084-02FB4B8D7108}" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D28973E5-8630-41af-8831-50A15FEB396B} => removed successfully
HKLM\Software\Classes\CLSID\{D28973E5-8630-41af-8831-50A15FEB396B} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@bankid.com/BankID säkerhetsprogram,version=6.2.2.1 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@bankid.com/BankID säkerhetsprogram,version=6.2.5.1 => removed successfully
C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
"C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}" => not found
"C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}" => not found
C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767} => moved successfully
C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630} => moved successfully
"C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}" => not found
C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4} => moved successfully
"C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}" => not found
"C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}" => not found
C:\Users\X220\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27170860 B
Java, Flash, Steam htmlcache => 1412 B
Windows/system/drivers => 228090 B
Edge => 2637112 B
Chrome => 0 B
Firefox => 118673200 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 11514411 B
LocalService => 39976 B
LocalService => 0 B
NetworkService => 7836 B
NetworkService => 0 B
X220 => 3957765 B
DefaultAppPool => 0 B
RecycleBin => 6553736 B
EmptyTemp: => 170.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:35:52 ====
Ran by X220 (07-04-2019 21:31:49) Run:1
Running from C:\Users\X220\Downloads
Loaded Profiles: X220 (Available Profiles: X220 & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {0168B5F3-281B-45F1-B568-B5C686F78EA8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {041EB440-6926-42D5-A58C-0AB44866C44E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {14A5E6AE-67FD-4162-943F-5CD0DB2928A4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1BFA72C1-DDFD-44E8-A337-B51C81B12073} - System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
Task: {26823DAE-00ED-44A6-8F88-A39BCE8C576A} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {2E6D9D78-CC0F-42B0-ABED-E8D84453A701} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {332BAB05-F614-4E3F-B170-0F27ADE3A6CE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {3F916550-4529-4685-8B50-2D101F463ABF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {42BC1E7B-195C-4461-838A-FF782B8248FE} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {608C888E-4E18-4AB0-ADB9-DFFFB81046B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6392D9D3-E2CF-426A-811B-A8DE6658B7C0} - System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
Task: {677A5117-066E-4649-9EE2-285E0EDD3E31} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6A6B806D-CD1E-4298-ABAF-B243D0F6ED92} - \PMTask -> No File <==== ATTENTION
Task: {7753299F-0B81-428A-B82F-8272FAA919AD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {79528E82-A595-4BB6-B8DE-A117C0E2F506} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7B468F1D-99D0-4FAD-92A7-95161D064753} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {8A28371D-8238-4F77-951E-3F50BFD16FE7} - System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
Task: {9DD003C3-C7A5-4148-BEFB-296EE5921C7D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {ADCBB6B0-4310-4691-B356-D34F3123BF18} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE441702-4E95-4BA1-B1DE-05B18EF99D07} - System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
Task: {BEEA9873-A412-44C8-983C-15708AC443EB} - System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
Task: {D490CC98-2CAA-4DCA-8711-1EA12D087826} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E39942BE-7738-47D7-9D1C-588CE098B91E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {FAA95DE4-EE7B-43EF-9F6F-85EE484B6029} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {FD7F0B2A-6331-4238-B5D8-5C4783C25571} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{06830813-857C-4928-8594-BECF5DDD0261}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{E680413D-4A77-441D-A146-55558CEE589B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe No File
FirewallRules: [{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe No File
FirewallRules: [{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe No File
FirewallRules: [{599A3C42-D488-47F1-9F04-E18397B5CB8D}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
FirewallRules: [{64F745CB-FF62-4673-8084-02FB4B8D7108}] => (Allow) C:\Users\X220\AppData\Roaming\OhMyTabs\OhMyTabs.exe No File
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.2.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
FF Plugin-x32: @bankid.com/BankID säkerhetsprogram,version=6.2.5.1 -> C:\Program Files (x86)\BankID\npBispBrowser.dll [No File]
CHR Profile: C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2019-04-07] <==== ATTENTION
C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}
C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}
C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767}
C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630}
C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}
C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4}
C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}
C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}
C:\Users\X220\AppData\Local\Temp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0168B5F3-281B-45F1-B568-B5C686F78EA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0168B5F3-281B-45F1-B568-B5C686F78EA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{041EB440-6926-42D5-A58C-0AB44866C44E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{041EB440-6926-42D5-A58C-0AB44866C44E} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14A5E6AE-67FD-4162-943F-5CD0DB2928A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14A5E6AE-67FD-4162-943F-5CD0DB2928A4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BFA72C1-DDFD-44E8-A337-B51C81B12073} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BFA72C1-DDFD-44E8-A337-B51C81B12073} => removed successfully
C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B2A99F7A-548F-4434-9868-C46E812BA52E} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26823DAE-00ED-44A6-8F88-A39BCE8C576A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26823DAE-00ED-44A6-8F88-A39BCE8C576A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2E6D9D78-CC0F-42B0-ABED-E8D84453A701}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E6D9D78-CC0F-42B0-ABED-E8D84453A701}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{332BAB05-F614-4E3F-B170-0F27ADE3A6CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{332BAB05-F614-4E3F-B170-0F27ADE3A6CE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F916550-4529-4685-8B50-2D101F463ABF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F916550-4529-4685-8B50-2D101F463ABF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42BC1E7B-195C-4461-838A-FF782B8248FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42BC1E7B-195C-4461-838A-FF782B8248FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-Weekend" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{608C888E-4E18-4AB0-ADB9-DFFFB81046B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{608C888E-4E18-4AB0-ADB9-DFFFB81046B2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6392D9D3-E2CF-426A-811B-A8DE6658B7C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6392D9D3-E2CF-426A-811B-A8DE6658B7C0}" => removed successfully
C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6ABB0007-FAE7-437B-8353-383AF93E2750}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{677A5117-066E-4649-9EE2-285E0EDD3E31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{677A5117-066E-4649-9EE2-285E0EDD3E31}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6A6B806D-CD1E-4298-ABAF-B243D0F6ED92}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A6B806D-CD1E-4298-ABAF-B243D0F6ED92}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PMTask" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7753299F-0B81-428A-B82F-8272FAA919AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7753299F-0B81-428A-B82F-8272FAA919AD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{79528E82-A595-4BB6-B8DE-A117C0E2F506} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{79528E82-A595-4BB6-B8DE-A117C0E2F506} => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7B468F1D-99D0-4FAD-92A7-95161D064753}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7B468F1D-99D0-4FAD-92A7-95161D064753}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A28371D-8238-4F77-951E-3F50BFD16FE7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A28371D-8238-4F77-951E-3F50BFD16FE7}" => removed successfully
C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DD003C3-C7A5-4148-BEFB-296EE5921C7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DD003C3-C7A5-4148-BEFB-296EE5921C7D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADCBB6B0-4310-4691-B356-D34F3123BF18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADCBB6B0-4310-4691-B356-D34F3123BF18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE441702-4E95-4BA1-B1DE-05B18EF99D07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE441702-4E95-4BA1-B1DE-05B18EF99D07}" => removed successfully
C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{20707FE6-55A3-43A8-B142-0733BC494804}" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEEA9873-A412-44C8-983C-15708AC443EB} => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEEA9873-A412-44C8-983C-15708AC443EB} => removed successfully
C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB} => moved successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C4C90B16-BEE8-4564-BBA4-24911864ACBB} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D490CC98-2CAA-4DCA-8711-1EA12D087826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D490CC98-2CAA-4DCA-8711-1EA12D087826}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E39942BE-7738-47D7-9D1C-588CE098B91E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E39942BE-7738-47D7-9D1C-588CE098B91E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAA95DE4-EE7B-43EF-9F6F-85EE484B6029}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAA95DE4-EE7B-43EF-9F6F-85EE484B6029}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FD7F0B2A-6331-4238-B5D8-5C4783C25571}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD7F0B2A-6331-4238-B5D8-5C4783C25571}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{06830813-857C-4928-8594-BECF5DDD0261}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E680413D-4A77-441D-A146-55558CEE589B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F50DC566-5ACC-4D7F-A2E9-D3031DB52B60}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0B1A89F-C27D-41F4-8C83-C81EDA64CE8E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{157EEF83-4164-4DD4-AA7B-8D10D2E236CC}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{599A3C42-D488-47F1-9F04-E18397B5CB8D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64F745CB-FF62-4673-8084-02FB4B8D7108}" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\Software\Classes\CLSID\{503739d0-4c5e-4cfd-b3ba-d881334f0df2} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{D28973E5-8630-41af-8831-50A15FEB396B} => removed successfully
HKLM\Software\Classes\CLSID\{D28973E5-8630-41af-8831-50A15FEB396B} => not found
HKLM\Software\Wow6432Node\MozillaPlugins\@bankid.com/BankID säkerhetsprogram,version=6.2.2.1 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@bankid.com/BankID säkerhetsprogram,version=6.2.5.1 => removed successfully
C:\Users\X220\AppData\Local\Google\Chrome\User Data\ChromeDefaultData => moved successfully
"C:\WINDOWS\System32\Tasks\{C4C90B16-BEE8-4564-BBA4-24911864ACBB}" => not found
"C:\WINDOWS\System32\Tasks\{B2A99F7A-548F-4434-9868-C46E812BA52E}" => not found
C:\WINDOWS\System32\Tasks\{9E2DADF9-41BE-4FCE-B2E6-EB10C632C767} => moved successfully
C:\WINDOWS\System32\Tasks\{8702C7F2-3B9A-445A-A4A9-1845E3BAC630} => moved successfully
"C:\WINDOWS\System32\Tasks\{6ABB0007-FAE7-437B-8353-383AF93E2750}" => not found
C:\WINDOWS\System32\Tasks\{5770EEB0-CCBA-4A43-9D06-F7349A6BC7B4} => moved successfully
"C:\WINDOWS\System32\Tasks\{4ABA487A-D9B5-48A7-9880-0B0F40B4F4D7}" => not found
"C:\WINDOWS\System32\Tasks\{20707FE6-55A3-43A8-B142-0733BC494804}" => not found
C:\Users\X220\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27170860 B
Java, Flash, Steam htmlcache => 1412 B
Windows/system/drivers => 228090 B
Edge => 2637112 B
Chrome => 0 B
Firefox => 118673200 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 11514411 B
LocalService => 39976 B
LocalService => 0 B
NetworkService => 7836 B
NetworkService => 0 B
X220 => 3957765 B
DefaultAppPool => 0 B
RecycleBin => 6553736 B
EmptyTemp: => 170.6 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:35:52 ====
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
bylo to tam...nepochopila jsem, ze je to znovu fixlog...
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: google se sam zavira
V pořádku. Nastala teď nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Blanka yahoo
- Návštěvník
- Příspěvky: 343
- Registrován: 02 úno 2006 13:03
Re: google se sam zavira
je to ted bezva, ok. dekuji vrele
mohu jeste 1 dotaz, ktery nevim, zda souvisi s web tematikou...
mam externi HDD, 1 TB, a normalne fungoval, pak jsem jej nechala nejakou dobu zapojeny v smart TV a nyni jej "nevidim", i kdyz je pripojeny, zkousela jsem 2 laptopy a TV, ale nikde neni viditelny, takze jej nemohu otevrit...
nicmene pokud je pripojem, ozve se pripojovaci zvuk jako u jinych pripojeni,pokud jej chci odpojit, zobrazi se v Safely remote HDD, ale neni mu pridelen zadny disk...take jej vidim pred disk management, posilam printscreen...
vubec netusim, co se deje, a je to blbe, nebot tam mam info z predeslych nekolika HDD, ktere nejak zkrachovaly a data recovery byla dost draha...
dekuji moc, pokud by jste vedel, co treba udelat...myslim, ze neni pokazeny, jen si neprideluje zadny disk...
mohu jeste 1 dotaz, ktery nevim, zda souvisi s web tematikou...
mam externi HDD, 1 TB, a normalne fungoval, pak jsem jej nechala nejakou dobu zapojeny v smart TV a nyni jej "nevidim", i kdyz je pripojeny, zkousela jsem 2 laptopy a TV, ale nikde neni viditelny, takze jej nemohu otevrit...
nicmene pokud je pripojem, ozve se pripojovaci zvuk jako u jinych pripojeni,pokud jej chci odpojit, zobrazi se v Safely remote HDD, ale neni mu pridelen zadny disk...take jej vidim pred disk management, posilam printscreen...
vubec netusim, co se deje, a je to blbe, nebot tam mam info z predeslych nekolika HDD, ktere nejak zkrachovaly a data recovery byla dost draha...
dekuji moc, pokud by jste vedel, co treba udelat...myslim, ze neni pokazeny, jen si neprideluje zadny disk...
- Přílohy
-
- silicon.pdf
- (227.67 KiB) Staženo 53 x
Přispějete na provoz fóra?