Kontrola po vyčištění ntb

[Hop]

Dobrý den,
známá mi přinesla ntb, že se jí občas nedaří zapnout a že s ním něco má.
Doporučím jí odinstalovat AVG a McAffe a místo toho nainstalovat Comodo.

Pročistil jsem ntb ccleanerem, adwcleanerem (posílám log) a esetem - log jsem si uložil na plochu, ale z plochy zmizel??? Eset zachytil 11 potencionálně škodlivých šmejdů.
FRST jsem stáhnul (správnou verzi), ale nedaří se mi ho spustit.
Prosím o pomoc s kontolou logu a dočištění ntb.
Děkuji, s pozdravem
Pavel papežík


# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-11-2020
# Duration: 00:01:01
# OS: Windows 10 Home
# Cleaned: 51
# Failed: 0


***** [ Services ] *****

Deleted WtuSystemSupport
Deleted vToolbarUpdater40.3.8

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted C:\Program Files (x86)\avg web tuneup
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\Program Files\avg web tuneup
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\ProgramData\Pokki
Deleted C:\ProgramData\avg web tuneup
Deleted C:\Users\Baruška.Lenovo-PC\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp
Deleted C:\Users\Baruška.Lenovo-PC\AppData\Local\Pokki
Deleted C:\Users\Baruška.Lenovo-PC\AppData\Local\avg web tuneup
Deleted C:\Users\Baruška\AppData\Local\Pokki
Deleted C:\Users\Public\Pokki
Deleted C:\Users\TEMP\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp
Deleted C:\Users\TEMP\AppData\Local\Pokki
Deleted C:\Users\TEMP\AppData\Local\avg web tuneup
Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki

***** [ Files ] *****

Deleted C:\Users\Baruška.Lenovo-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
Deleted C:\Windows\SysWOW64\VisualDiscovery.ini
Deleted C:\Windows\SysWOW64\VisualDiscoveryOff.ini
Deleted C:\Windows\System32\VisualDiscoveryOff.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\0316avzUpdateInfo
Deleted C:\Windows\System32\Tasks\0615pizUpdateInfo
Deleted C:\Windows\System32\Tasks\FreeDownloadManagerNetworkMonitor

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{93BBBD59-7101-4C0F-A1EF-BD2F25029738}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FFA61E6-2166-49E6-8168-DC04217770DA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{232A3BCC-5CE5-4D3D-97D9-6D378EE82C42}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FFA61E6-2166-49E6-8168-DC04217770DA}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{232A3BCC-5CE5-4D3D-97D9-6D378EE82C42}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93BBBD59-7101-4C0F-A1EF-BD2F25029738}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0316avzUpdateInfo
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0615pizUpdateInfo
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FreeDownloadManagerNetworkMonitor
Deleted HKLM\Software\AVG Secure Search
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\avgsh

***** [ Chromium (and derivatives) ] *****

Deleted AVG Web TuneUp
Deleted Maps & Directions by MyMapsExpress

***** [ Chromium URLs ] *****

Deleted AVG Secure Search
Deleted AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10790 octets] - [11/01/2020 17:22:03]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Hop]

Zkusil jsem FRST spustit v nouzovém režimu, ale ani tehdy se FRST nepodařilo spustit.

Po restartu jsem se opět přihlásil v běžném režimu stejně jako předtím
a na stejném účtu nyní mám na ploše mnohem víc souborů než jsem měl před tím, než jsem se přihlásil v nouzovém režimu.

Aniž bych pro to cokoli udělal (přihlašoval jsem se stejně), byl jsem (před nouzovým režimem) opakovaně přihlašovaný do dočasného profilu, proto mě taky z plochy zmizel log z esetu i stažený FRST.

Patrně toto měla taky majitelka ntb na mysli, když říkala že ntb není v pořádku. Říkala něco takového, že na ploše nic nevidí, ale že to v ntb je... Moc jsem tomu nerozuměl, ale už to chápu: Na ploše neviděla svoje soubory, přesto že když se ve svém účtu podívala do složky Plocha, tak tam její soubory byly.

Při tomto posledním přihlášení do správného profilu se podařilo spustit FRST, posílám logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-01-2020
Ran by Baruška (administrator) on LENOVO-PC (LENOVO INVALID) (12-01-2020 09:57:40)
Running from C:\AdwCleaner\FRST
Loaded Profiles: Baruška (Available Profiles: Baruška)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo Transition\TransitionServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Baruška.Lenovo-PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2015-02-12] (Lenovo (Beijing) Limited -> )
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [316336 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10177536 2018-05-28] (FreeDownloadManager.org) [File not signed]
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Baruška.Lenovo-PC\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Baruška.Lenovo-PC\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\RunOnce: [Uninstall 19.192.0926.0012\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Baruška.Lenovo-PC\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64"
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\RunOnce: [Uninstall 19.192.0926.0012] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Baruška.Lenovo-PC\AppData\Local\Microsoft\OneDrive\19.192.0926.0012"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.117\Installer\chrmstp.exe [2020-01-09] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\Baruška.Lenovo-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2017-02-10]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D2E34A9-2A0C-4DDD-8F70-F68F8E0035D7} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {12F3CE0C-1CAE-4811-B6DB-932FE035DB08} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\TEMP\Downloads\esetonlinescanner_csy.exe <==== ATTENTION
Task: {30619AEB-2A02-4D99-B3FA-B0B638DB88F3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3A77078A-429A-431B-8959-77A2D2557F24} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {4FD13238-CDFF-4686-B40E-C08C93012174} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\avg\overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [32256 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {5CF0AE9D-A061-444F-8268-CDA01DC24F7B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)
Task: {5FCF21AA-66F7-482D-82AD-C724B2A20AEC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6765F929-D929-4141-B0ED-A9B910B76B2B} - System32\Tasks\AdwCleaner_onReboot => C:\Users\TEMP\Downloads\adwcleaner_8.0.1.exe <==== ATTENTION
Task: {6C7E3783-1003-4ABF-90B6-B2C036AD22A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {6E2A296C-8248-454B-B867-E23E2316D39C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\TEMP\Downloads\esetonlinescanner_csy.exe <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {945AEB9F-72E7-4B7F-9187-311A6FAD693A} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-12] (bookingDesktopApp.) [File not signed]
Task: {994591F7-2272-4139-B9B8-5B6138124AED} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {9C0A3EAE-F81D-4014-B928-9C4108F447B8} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [154896 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo)
Task: {BEC2A6A1-1A00-4457-A5D0-357D5609A70C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D38F54F4-96A2-42B9-8A15-28FAE97A7CA7} - System32\Tasks\UMonitor Task => C:\windows\SysWOW64\UMonit64.exe [53248 2014-02-26] () [File not signed]
Task: {DA4CCB7C-ED96-422A-860A-570F6B50677C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {DABB2FDB-CF7D-4A31-A50E-30DEED60A760} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4636776 2018-08-17] (McAfee, Inc. -> McAfee, Inc.)
Task: {E04BCBED-B503-48EA-AD57-6F5419889311} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E751D830-4BE1-4F5B-A9A5-5361A7514D3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F2F6A284-A7C9-4689-A287-106458958B8D} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_148_pepper.exe [1455752 2018-11-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F91CC578-FDDA-4084-A340-FD481E699BAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {F9434A4F-3745-4F48-98EB-BB3C9D688431} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-12] (bookingDesktopApp.) [File not signed]
Task: {FF3F30D2-E6AD-4FED-A844-454F8F95EDE0} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1719608 2014-07-31] (Maxthon (Asia) Limited. -> Maxthon International ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
Tcpip\..\Interfaces\{379fd461-5264-41d5-a503-a26e8aaae128}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{890da46f-0642-4eb4-83a7-1dea8b7bf1aa}: [DhcpNameServer] 192.168.10.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B37C25181-F892-473C-BABC-B3634860C5FD%7D&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-04-27%2006:38:37&v=4.3.6.255&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37C25181-F892-473C-BABC-B3634860C5FD}&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 06:38:37&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37C25181-F892-473C-BABC-B3634860C5FD}&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 06:38:37&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-12] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc -> Google Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-12] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.8\\npsitesafety.dll [No File]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-12] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-12] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Notifications: Default -> hxxps://appmirror.net; hxxps://b9te.wcontentdelivery.info; hxxps://hidderswera.club; hxxps://hranicky.denik.cz; hxxps://megaup.net; hxxps://mn9z.womatonsha.com; hxxps://rectititonle.pro; hxxps://www.bombuj.eu; hxxps://www.flv2mp3.by; hxxps://www.letemsvetemapplem.eu; hxxps://youtubemp3.to
CHR Profile: C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default [2020-01-12]
CHR Extension: (Prezentace) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Dokumenty) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-11]
CHR Extension: (YouTube) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-26]
CHR Extension: (Tabulky) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (ExtStarUpdt ) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbmjofpbagpionpggchlplnejdaafadn [2016-12-22]
CHR Extension: (AVG SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2020-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-23]
CHR Extension: (Chrome Media Router) - C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-01-12]
CHR Profile: C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-10-17]
CHR Profile: C:\Users\Baruška.Lenovo-PC\AppData\Local\Google\Chrome\User Data\System Profile [2019-10-17]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3924204536-3399405142-821897544-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn]
CHR HKU\S-1-5-21-3924204536-3399405142-821897544-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3924204536-3399405142-821897544-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [382712 2019-07-19] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [996928 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6307248 2019-12-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files (x86)\AVG\Antivirus\wsc_proxy.exe [110560 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-12] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-12] (bookingDesktopApp.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (LENOVO -> Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-14] (Maxthon (Asia) Limited. -> Maxthon)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-12] (McAfee, LLC -> McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-08] (PointGrab Ltd -> PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [249032 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
S3 TESHelper; c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe [104696 2015-02-12] (Lenovo -> Lenovo)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-02-12] (Lenovo (Beijing) Limited -> Lenovo)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2019-03-19] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R0 avgArDisk; C:\WINDOWS\System32\drivers\avgArDisk.sys [37880 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [205600 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriver.sys [275232 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidsh.sys [210328 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbuniv.sys [65376 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgElam; C:\WINDOWS\System32\drivers\avgElam.sys [16520 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\WINDOWS\System32\drivers\avgKbd.sys [43512 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [171640 2019-11-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [111096 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [84560 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [848688 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [461216 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [236288 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [317304 2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70592 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [111336 2014-04-17] (GENESYS LOGIC, INC. -> GenesysLogic)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [177544 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [311856 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69352 2014-04-04] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522360 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [784760 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [441264 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [346760 2014-04-04] (McAfee, Inc. -> McAfee, Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-12 09:57 - 2020-01-12 09:58 - 000000000 ____D C:\FRST
2020-01-12 09:24 - 2020-01-12 09:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-01-12 09:23 - 2020-01-12 09:32 - 000184956 _____ C:\WINDOWS\ntbtlog.txt
2020-01-11 20:58 - 2020-01-12 09:48 - 000002972 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-01-11 20:58 - 2020-01-12 09:48 - 000002592 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-01-11 17:24 - 2020-01-12 09:48 - 000002346 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-01-11 17:20 - 2020-01-12 09:56 - 000000000 ____D C:\AdwCleaner

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-12 09:48 - 2019-10-23 20:40 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-12 09:48 - 2019-10-23 20:40 - 000003476 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2020-01-12 09:48 - 2019-10-23 20:40 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-12 09:48 - 2019-10-23 20:40 - 000003262 _____ C:\WINDOWS\system32\Tasks\Antivirus Emergency Update
2020-01-12 09:48 - 2019-10-23 20:40 - 000003252 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2020-01-12 09:48 - 2019-10-23 20:40 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-12 09:48 - 2019-10-23 20:40 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-12 09:48 - 2019-10-23 20:40 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3924204536-3399405142-821897544-1001
2020-01-12 09:48 - 2019-10-23 20:40 - 000002162 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-12 09:48 - 2019-10-23 20:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-01-12 09:48 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-12 09:37 - 2019-10-23 20:25 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-12 09:37 - 2019-03-19 12:55 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-12 09:37 - 2019-03-19 12:55 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-12 09:37 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-12 09:35 - 2019-10-23 20:13 - 000002408 _____ C:\Users\Baruška.Lenovo-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-01-12 09:35 - 2019-01-14 09:48 - 000000000 ____D C:\Users\Baruška.Lenovo-PC\AppData\Local\Free Download Manager
2020-01-12 09:35 - 2015-11-18 22:54 - 000000000 ___RD C:\Users\Baruška.Lenovo-PC\OneDrive
2020-01-12 09:33 - 2019-10-23 20:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-12 09:33 - 2018-01-04 18:34 - 000000000 ___RD C:\Users\Baruška.Lenovo-PC\3D Objects
2020-01-12 09:33 - 2015-11-19 02:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-01-12 09:33 - 2015-11-18 18:58 - 000000000 __SHD C:\Users\Baruška\IntelGraphicsProfiles
2020-01-12 09:32 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-12 08:58 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-11 22:31 - 2015-11-18 21:06 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-11 22:28 - 2019-10-23 20:03 - 000450680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-11 21:51 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-01-11 20:42 - 2019-10-23 20:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-01-11 19:00 - 2017-11-21 13:22 - 000000000 ____D C:\Program Files (x86)\Counter-Strike 1.6 Non-Steam
2020-01-11 18:33 - 2015-11-19 22:02 - 000000000 ___RD C:\fotky
2020-01-11 17:33 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-11 17:15 - 2015-02-12 15:43 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-20 17:20 - 2015-11-19 21:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-18 20:39 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories ========

2019-01-14 18:28 - 2019-01-14 18:28 - 000043020 _____ () C:\Users\Baruška.Lenovo-PC\AppData\Roaming\DMGR_0J1F2U0D1F2W1G1I1F1T1Q1V0R1L1R1M0MtJ1V0O1E1P1C1T0B1C1F2W1B1P1C.txt
2019-01-14 09:31 - 2019-01-14 18:28 - 000221302 _____ () C:\Users\Baruška.Lenovo-PC\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2018-10-12 14:52 - 2018-10-12 14:52 - 000000000 _____ () C:\Users\Baruška.Lenovo-PC\AppData\Local\{55CE8B18-7126-4183-AD59-9CD616F9D223}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by Baruška (12-01-2020 10:01:29)
Running from C:\AdwCleaner\FRST
Windows 10 Home Version 1909 18363.535 (X64) (2019-10-23 19:42:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3924204536-3399405142-821897544-500 - Administrator - Disabled)
Baruška (S-1-5-21-3924204536-3399405142-821897544-1001 - Administrator - Enabled) => C:\Users\Baruška.Lenovo-PC
DefaultAccount (S-1-5-21-3924204536-3399405142-821897544-503 - Limited - Disabled)
Guest (S-1-5-21-3924204536-3399405142-821897544-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3924204536-3399405142-821897544-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {4FC75CA5-1654-5411-7CFB-1893D506BCF4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F4A6BD41-306E-5B9F-464B-23E1AE81F649}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.148 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 19.8.3108 - AVG Technologies)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Counter-Strike 1.6 Non-Steam 1.0 (HKLM-x32\...\Counter-Strike 1.6 Non-Steam 1.0) (Version: - )
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
dm CEWE fotosvet (HKLM-x32\...\dm CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
Epic Games Launcher (HKLM-x32\...\{53041896-BE90-4A26-9954-9E9FDC7D4495}) (Version: 1.1.229.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Free Download Manager (HKLM\...\{43781dff-e0df-49ce-a6d2-47da96a485e7}}_is1) (Version: 5.1.37.7258 - FreeDownloadManager.ORG)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.2.0 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.117 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo Flex 2 Demo (HKLM-x32\...\{8300CA15-AD32-4C12-A6D4-121DEBCA11CC}) (Version: 1.0.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.4 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.1.14.1221 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki) <==== ATTENTION
Magic Transfer (HKLM\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - )
Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Mahem version 4.0 (HKLM-x32\...\Mahem_is1) (Version: 4.0 - )
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.1.3000 - Maxthon International Limited)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.57 - McAfee, LLC.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\OneDriveSetup.exe) (Version: 19.222.1110.0006 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{CFF44AE9-2908-4D7D-B48B-1CB5139015C7}) (Version: 1.0.0.0 - Mojang)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7188 - Realtek Semiconductor Corp.)
Start Menu (HKU\S-1-5-21-3924204536-3399405142-821897544-1001\...\Pokki) (Version: 0.269.2.471 - Pokki) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.9.5 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Camera Man -> C:\Program Files\WindowsApps\E0469640.CameraMan_1.0.1929.30229_x86__5grkq8ppsgwt4 [2015-11-19] (LENOVO INC)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-05] (king.com)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_10.1911.12.0_x64__6dqnvyezrysvy [2019-11-05] (Dailymotion)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-10] (Microsoft Corporation)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.21.8716.0_x86__q4d96b2w5wcc2 [2019-10-08] (Evernote)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2015-11-30] (Hightail)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-18] (HP Inc.)
Lenovo Recommends -> C:\Program Files\WindowsApps\E0469640.LenovoRecommends_1.5.14.117_x64__5grkq8ppsgwt4 [2015-11-18] (LENOVO INC)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-11-19] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.1909.24.0_x64__k1h2ywk1493x8 [2019-09-24] (LENOVO INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2015-11-19] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-14] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-19] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-19] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-11-19] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2015-11-19] (LENOVO INC)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-20] (Microsoft Corporation) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2015.1013.1.0_x64__t3yemqpq4kp7p [2015-11-30] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.6.0.0_x64__8wekyb3d8bbwe [2019-08-05] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2015-11-19] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3924204536-3399405142-821897544-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc. (YouSendIt Inc.) -> Hightail Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShell.dll [2019-10-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-01-14 09:48 - 2017-04-13 12:42 - 012242432 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avcodec-57.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 001825792 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avfilter-6.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 002158592 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avformat-57.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 000485376 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\avutil-55.dll
2019-01-14 09:48 - 2017-04-13 12:46 - 069740544 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libcef.dll
2019-01-14 09:48 - 2017-11-30 18:02 - 000015360 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libegl.dll
2019-01-14 09:48 - 2017-11-30 18:02 - 002521088 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\libglesv2.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 000138752 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swresample-2.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 000662016 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\swscale-4.dll
2019-01-14 09:48 - 2018-05-28 18:05 - 000048640 _____ () [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winunivappfeatures.dll
2018-02-23 15:17 - 2010-03-15 11:28 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2015-11-18 21:38 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2019-09-12 23:47 - 2019-09-12 23:47 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
2019-01-14 09:48 - 2018-05-28 18:05 - 000436224 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\common.dll
2019-01-14 09:48 - 2018-05-28 18:05 - 000109056 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\mediahelper.dll
2019-01-14 09:48 - 2018-05-28 18:05 - 000676864 _____ (FreeDownloadManager.org) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\wba.dll
2015-02-12 15:54 - 2015-02-12 15:53 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2015-02-12 15:54 - 2015-02-12 15:53 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2013-11-14 23:47 - 2013-11-14 23:47 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-14 23:47 - 2013-11-14 23:47 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2019-01-14 09:36 - 2018-04-30 13:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2015-02-12 15:44 - 2014-04-24 02:04 - 000094208 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 001712640 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\LIBEAY32.dll
2019-01-14 09:48 - 2017-04-13 12:42 - 000351744 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\SSLEAY32.dll
2019-01-14 09:48 - 2017-11-30 18:22 - 000048128 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\bearer\qgenericbearer.dll
2019-01-14 09:48 - 2017-11-30 18:22 - 000050688 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\bearer\qnativewifibearer.dll
2019-01-14 09:48 - 2017-11-30 18:22 - 000032768 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qgif.dll
2019-01-14 09:48 - 2017-11-30 20:34 - 000039936 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qicns.dll
2019-01-14 09:48 - 2017-11-30 18:21 - 000033280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qico.dll
2019-01-14 09:48 - 2017-11-30 18:22 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qjpeg.dll
2019-01-14 09:48 - 2017-11-30 20:33 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qtga.dll
2019-01-14 09:48 - 2017-11-30 20:34 - 000371712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qtiff.dll
2019-01-14 09:48 - 2017-11-30 20:34 - 000024064 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qwbmp.dll
2019-01-14 09:48 - 2017-11-30 20:34 - 000482304 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\imageformats\qwebp.dll
2019-01-14 09:48 - 2017-11-30 18:24 - 001419264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\platforms\qwindows.dll
2019-01-14 09:48 - 2018-05-28 18:07 - 005852672 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Core.dll
2019-01-14 09:48 - 2017-11-30 18:11 - 006274560 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Gui.dll
2019-01-14 09:48 - 2017-11-30 18:10 - 001230336 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Network.dll
2019-01-14 09:48 - 2017-11-30 18:05 - 000204800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Sql.dll
2019-01-14 09:48 - 2017-11-30 18:18 - 005467648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\Qt5Widgets.dll
2019-01-14 09:48 - 2017-11-30 18:22 - 001105920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\sqldrivers\qsqlite.dll
2019-01-14 09:48 - 2017-11-30 18:23 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-12-03 18:52 - 000000834 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Control Panel\Desktop\\Wallpaper -> C:\fotky\578386_518822731493440_1826933229_n.jpg
DNS Servers: 192.168.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{853627AE-C80A-4792-98E5-844089EAB19E}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [TCP Query User{CEB28A1D-95E9-4244-99B4-8159F145544A}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe
FirewallRules: [{59DAC9CC-7C48-46A2-AD51-E76CA0346B45}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [{C533639F-ABCD-42DB-9D1F-8ECE8CB27BBC}] => (Allow) C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [File not signed]
FirewallRules: [UDP Query User{39A6FC7C-5802-4C72-86A3-D68DFC437BD9}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{D608720E-8955-477B-A601-4DCFE023561D}C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 non-steam\hl.exe (Valve) [File not signed]
FirewallRules: [{9DC68D65-8FE4-4935-AE8B-D17DA1884328}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{D42508AE-81B8-475C-A929-E8C00C9B404B}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{AF0DB4A5-B3B0-4202-B514-A4A888F1C09D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{F3E1A84D-4C23-478F-9F49-F09D41C485D0}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{CAEF3A8B-4DF8-40CA-B36A-CDA61083C66F}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{5F25FDE3-538F-4B86-9573-0A7FBD264C04}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{C1EE1FE4-DAB9-496B-BE23-3AF2E229E0B0}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{052BA94D-1C9A-473E-AFCE-EBB251DC4C93}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{8B381FFE-E8D3-459D-A0D6-B00BFD17F8DD}] => (Allow) LPort=55100
FirewallRules: [{61C19D9E-3294-4611-A0EB-E61527DD6E52}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{1FAEFEEB-D50C-43B9-8B06-E3010CDF8363}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{2A05C8BD-19DE-4098-9789-0CD4577D0661}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

15-12-2019 19:02:29 Windows Zálohování
31-12-2019 10:56:14 Windows Zálohování
05-01-2020 19:00:54 Windows Zálohování
11-01-2020 17:14:17 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/12/2020 09:55:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10204,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/12/2020 09:52:40 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (01/12/2020 09:44:25 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5740,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (01/12/2020 09:40:25 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (01/12/2020 09:40:01 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (1384,G,0) Pokus o otevření souboru C:\Users\Baruška.Lenovo-PC\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (01/12/2020 09:34:06 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (01/12/2020 09:27:32 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/12/2020 09:25:31 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NT AUTHORITY)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (01/12/2020 09:53:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 3krát.

Error: (01/12/2020 09:41:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 2krát.

Error: (01/12/2020 09:34:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba bookingDesktopApp Update Service (bookingdesktopapp) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/12/2020 09:33:14 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (01/12/2020 09:32:30 AM) (Source: DCOM) (EventID: 10005) (User: Lenovo-PC)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (01/12/2020 09:32:12 AM) (Source: DCOM) (EventID: 10005) (User: Lenovo-PC)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (01/12/2020 09:32:08 AM) (Source: DCOM) (EventID: 10005) (User: Lenovo-PC)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (01/12/2020 09:32:08 AM) (Source: DCOM) (EventID: 10005) (User: Lenovo-PC)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru:
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
===================================
Date: 2019-11-03 10:59:05.706
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.544.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému.

CodeIntegrity:
===================================

Date: 2020-01-12 09:56:20.506
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:20.495
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:18.846
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:18.227
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:14.699
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:14.681
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:13.928
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2020-01-12 09:56:13.914
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\AVG\Antivirus\snxhk.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A3CN33WW 07/28/2015
Motherboard: LENOVO Lenovo Flex 2-14
Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 78%
Total physical RAM: 3984.72 MB
Available physical RAM: 872.06 MB
Total Virtual: 4688.72 MB
Available Virtual: 964.51 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.27 GB) (Free:173.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:0.01 GB) NTFS

\\?\Volume{2cde43a2-7a2a-410a-8a22-7fcb28d7e4bb}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.68 GB) NTFS
\\?\Volume{74ec6474-3d81-4b79-9fb5-0f9a379408bb}\ (PBR_DRV) (Fixed) (Total:14.16 GB) (Free:3.58 GB) NTFS
\\?\Volume{4b671e3e-b745-41b1-a54c-ed3cf3f8cafb}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4F40437D)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {12F3CE0C-1CAE-4811-B6DB-932FE035DB08} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\TEMP\Downloads\esetonlinescanner_csy.exe <==== ATTENTION
Task: {5FCF21AA-66F7-482D-82AD-C724B2A20AEC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6765F929-D929-4141-B0ED-A9B910B76B2B} - System32\Tasks\AdwCleaner_onReboot => C:\Users\TEMP\Downloads\adwcleaner_8.0.1.exe <==== ATTENTION
Task: {6C7E3783-1003-4ABF-90B6-B2C036AD22A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {6E2A296C-8248-454B-B867-E23E2316D39C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\TEMP\Downloads\esetonlinescanner_csy.exe <==== ATTENTION
Task: {F91CC578-FDDA-4084-A340-FD481E699BAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B37C251 ... sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37C25181-F892-473C-BABC-B3634860C5FD}&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 06:38:37&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37C25181-F892-473C-BABC-B3634860C5FD}&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 06:38:37&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)
CHR HomePage: Default -> mysearch.avg.com
CHR Notifications: Default -> hxxps://appmirror.net; hxxps://b9te.wcontentdelivery.info; hxxps://hidderswera.club; hxxps://hranicky.denik.cz; hxxps://megaup.net; hxxps://mn9z.womatonsha.com; hxxps://rectititonle.pro; hxxps://www.bombuj.eu; hxxps://www.flv2mp3.by; hxxps://www.letemsvetemapplem.eu; hxxps://youtubemp3.to
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Baruška.Lenovo-PC\AppData\Local\{55CE8B18-7126-4183-AD59-9CD616F9D223}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End

Uložte do C:\AdwCleaner\FRST jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Hop]

log po kontrole:

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-01-2020
Ran by Baruška (12-01-2020 11:45:50) Run:1
Running from C:\AdwCleaner\FRST
Loaded Profiles: Baruška (Available Profiles: Baruška)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {12F3CE0C-1CAE-4811-B6DB-932FE035DB08} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\TEMP\Downloads\esetonlinescanner_csy.exe <==== ATTENTION
Task: {5FCF21AA-66F7-482D-82AD-C724B2A20AEC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {6765F929-D929-4141-B0ED-A9B910B76B2B} - System32\Tasks\AdwCleaner_onReboot => C:\Users\TEMP\Downloads\adwcleaner_8.0.1.exe <==== ATTENTION
Task: {6C7E3783-1003-4ABF-90B6-B2C036AD22A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
Task: {6E2A296C-8248-454B-B867-E23E2316D39C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\TEMP\Downloads\esetonlinescanner_csy.exe <==== ATTENTION
Task: {F91CC578-FDDA-4084-A340-FD481E699BAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-11-18] (Google Inc -> Google Inc.)
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B37C251 ... sg=&sap=hp
SearchScopes: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37C25181-F892-473C-BABC-B3634860C5FD}&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 06:38:37&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={37C25181-F892-473C-BABC-B3634860C5FD}&mid=bf2a3eaee51547cca1de85a733dd63b1-ead4fd5e234e26dd5a17d4d392186192ff5b8d4a&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2016-04-27 06:38:37&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: No Name -> {13D67BB7-DB5F-48AA-884D-7A5D94168509} -> No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-01] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-3924204536-3399405142-821897544-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-01] (Google Inc -> Google Inc.)
CHR HomePage: Default -> mysearch.avg.com
CHR Notifications: Default -> hxxps://appmirror.net; hxxps://b9te.wcontentdelivery.info; hxxps://hidderswera.club; hxxps://hranicky.denik.cz; hxxps://megaup.net; hxxps://mn9z.womatonsha.com; hxxps://rectititonle.pro; hxxps://www.bombuj.eu; hxxps://www.flv2mp3.by; hxxps://www.letemsvetemapplem.eu; hxxps://youtubemp3.to
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Baruška.Lenovo-PC\AppData\Local\{55CE8B18-7126-4183-AD59-9CD616F9D223}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

EmptyTemp:
End

*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12F3CE0C-1CAE-4811-B6DB-932FE035DB08}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12F3CE0C-1CAE-4811-B6DB-932FE035DB08}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FCF21AA-66F7-482D-82AD-C724B2A20AEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FCF21AA-66F7-482D-82AD-C724B2A20AEC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6765F929-D929-4141-B0ED-A9B910B76B2B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6765F929-D929-4141-B0ED-A9B910B76B2B}" => removed successfully
C:\WINDOWS\System32\Tasks\AdwCleaner_onReboot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C7E3783-1003-4ABF-90B6-B2C036AD22A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C7E3783-1003-4ABF-90B6-B2C036AD22A9}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E2A296C-8248-454B-B867-E23E2316D39C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E2A296C-8248-454B-B867-E23E2316D39C}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F91CC578-FDDA-4084-A340-FD481E699BAF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F91CC578-FDDA-4084-A340-FD481E699BAF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\S-1-5-21-3924204536-3399405142-821897544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3924204536-3399405142-821897544-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{13D67BB7-DB5F-48AA-884D-7A5D94168509} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => removed successfully
"HKU\S-1-5-21-3924204536-3399405142-821897544-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
"Chrome HomePage" => removed successfully
"Chrome Notifications" => removed successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Baruška.Lenovo-PC\AppData\Local\{55CE8B18-7126-4183-AD59-9CD616F9D223} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 11821056 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 82169374 B
Java, Flash, Steam htmlcache => 47473236 B
Windows/system/drivers => 273300 B
Edge => 1337075 B
Chrome => 213069314 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7602 B
NetworkService => 16123746 B
Baruška.Lenovo-PC => 108305624 B

RecycleBin => 131541 B
EmptyTemp: => 458.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:46:56 ====

[Rudy]

Smazáno, log by již měl být OK.

[Hop]

Děkuji a znovu děkuji!!!
Děkuji i za majitelku...
Něco pošlu
S pozdravem
Pavel

[Rudy]

Nemáte zač a za příspěvek děkujeme!