PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Preventive PC check

Having a problem with a virus? Paste your FRST or RSIT log here.

tonyno
Visitor
Posts: 3
Registered: 18 Jan 2020 17:47

#1 Post by tonyno »

Hello, I would like to ask for a check of my PC; I am attaching the log output.
Thank you for your helpfulness. Toník P.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Tondape (administrator) on TONYPC (LENOVO 90B8002NCK) (18-01-2020 18:26:30)
Running from C:\Users\Toník\Desktop\LOG viry cz
Loaded Profiles: Tondape (Available Profiles: Tondape & Administrator)
Platform: Windows 8.1 Connected (Update) (X64) Language: Angličtina (Spojené státy)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
() [File not signed] C:\Windows\jmesoft\Service.exe
() [File not signed] C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
() [File not signed] C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CyberLink -> ) C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Honest Technology) [File not signed] C:\Program Files (x86)\honestech\HTPA\HTPA.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_6.3.9600.20278_x64__8wekyb3d8bbwe\numbers.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Microsoft Windows Third Party Application Component -> Adobe) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Nuance Communications, Inc. -> ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Pokki -> Pokki) C:\Users\Toník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVBG64.EXE [1368792 2013-11-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\WRTMON.EXE [20480 2006-09-20] () [File not signed]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [File not signed]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] () [File not signed]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (Nuance Communications, Inc. -> ScanSoft, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [] => [X]
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [AvastBrowserAutoLaunch_06F5B0DAAA388223B397ADE619A50631] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Policies\Explorer: [NoDrives] 00000003
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {177e3cbc-1a93-11ea-8290-5cf3708744e4} - "F:\Setup.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {a860cec2-59c4-11e9-8268-5cf3708744e4} - "D:\Setup.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {af8a381c-87c5-11e9-827a-5cf3708744e4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {fe7171f4-a311-11e9-827d-5cf3708744e4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00140ED9-A19E-4D72-A0F7-C9D86D172A4C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10920216 2018-09-06] (Lenovo -> Lenovo)
Task: {00CA9A37-965F-4688-AC76-E199CE16775D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {137C863F-2119-4232-907D-08338A8A0A23} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5}
Task: {28B98797-7696-49BE-8025-A65EB4393538} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe
Task: {2EF8A5C7-345B-4186-9FFC-0AB36C13A948} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {31187E21-A939-4185-BD83-E4F79E485CD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-06] (Google Inc -> Google Inc.)
Task: {31E50369-7E83-4DA2-9A14-4019EFD5C927} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1954234458-1285122646-2141783352-1001 => C:\Users\Toník\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2019-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {32AC435E-AC06-480C-AEBE-CDB60A963D46} - System32\Tasks\Opera scheduled Autoupdate 1556116623 => C:\Users\Toník\AppData\Local\Programs\Opera\launcher.exe
Task: {35BF9601-A8F5-4A04-8CB6-F14D43BC02C8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4EA016A3-67AF-4E1B-A3C2-A53B3D400E82} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {641A1418-8E08-42C7-A961-D061E972E81E} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7132216 2020-01-08] (NCH Software, Inc. -> NCH Software)
Task: {6F2B19B8-79BE-40F9-B697-34D5DD9AC17F} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321240 2018-09-06] (Lenovo -> Lenovo)
Task: {7500C0AE-426A-447E-AC19-BF6309D9113A} - System32\Tasks\NCH Software\ExpressBurnDowngrade => C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe [2119272 2019-08-30] (NCH Software, Inc. -> NCH Software)
Task: {79201894-BED3-4A66-8886-54B5DE398F5B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {7C573F00-15F6-4F2C-8E6A-28E412EC2C2E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {80F1B679-0EAD-40C8-99FB-16F04A25360A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {82C856F8-4B48-4BF5-A3C7-3075FC97376E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {84EF080C-7F14-4125-838F-C8D0C8F06EC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-06] (Google Inc -> Google Inc.)
Task: {89786E36-4763-46CB-A188-A7D28E43E9D9} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
Task: {8D4E57E8-7752-4759-A503-223AC3907608} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {8DFF223C-1738-4689-AD2C-F47EDD434E78} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [331544 2018-09-06] (Lenovo -> )
Task: {8F915DBF-E8C3-42B8-BDE0-E3139D717751} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {973BA9A0-D9EA-40A6-B4AF-D7723392F96F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9744ED5E-35F4-417A-B6B3-B333E2F9C975} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {A36BBCED-A263-42E1-85C9-AB53B4FA2471} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A85CB4EE-0016-42AB-BEBE-982465EC48FD} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {AA69E507-9BB9-4A96-9889-DCF068F69BB1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {B7F2C303-A629-413C-9B9D-5795D0F518D2} - System32\Tasks\SweetLabs App Platform => C:\Users\Toník\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [7467728 2020-01-06] (Pokki -> Pokki)
Task: {D8853E32-153D-4859-A151-D16CEFFED362} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C}
Task: {F72703D0-0C48-423C-B0EB-8A557238268C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{56845C44-BE37-4715-88E3-ACB88AF0976C}: [DhcpNameServer] 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> DefaultScope {99C3A135-AB93-471E-808F-5875215079D9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {28CFE0E0-0BD3-4FA4-A51C-7D7A41368B27} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {99C3A135-AB93-471E-808F-5875215079D9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {F8C6F653-5A24-48BE-98D5-FF2BE590C2E1} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: AskBar BHO -> {201f27d4-3704-41d6-89c1-aa35e39143ed} -> C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll [2008-08-26] (Ask.com -> Ask.com)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-16] (Google Inc -> Google Inc.)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-16] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-04-13]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\elevation_service.exe [970088 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-11] (Mixbyte Inc -> Freemake)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [337688 2018-09-06] (Lenovo -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-03-19] (McAfee, Inc. -> McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2008-12-31] (CyberLink -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [321224 2014-08-16] (Lenovo.Ltd -> Lenovo)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 DCamUSBSTK02N; C:\WINDOWS\system32\DRIVERS\STK02NW2.sys [106496 2007-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Syntek Ltd.)
R3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 X86BDA; C:\WINDOWS\system32\DRIVERS\OEMDrv.sys [666624 2012-04-27] (Microsoft Windows Hardware Compatibility Publisher -> )
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 18:25 - 2020-01-18 18:27 - 000000000 ____D C:\FRST
2020-01-18 18:14 - 2020-01-18 18:26 - 000000000 ____D C:\Users\Toník\Desktop\LOG viry cz
2020-01-18 18:03 - 2020-01-18 18:03 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-18 18:03 - 2020-01-18 18:03 - 000002808 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-18 18:03 - 2020-01-18 18:03 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-18 18:03 - 2020-01-18 18:03 - 000000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-18 18:03 - 2020-01-18 18:03 - 000000805 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-01-18 18:03 - 2020-01-18 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-18 18:03 - 2020-01-18 18:03 - 000000000 ____D C:\Program Files\CCleaner
2020-01-18 18:01 - 2020-01-18 18:01 - 024578944 _____ (Piriform Software Ltd) C:\Users\Toník\Downloads\ccsetup563.exe
2020-01-16 19:32 - 2020-01-16 19:32 - 000000000 _____ C:\WINDOWS\PhotoNow.INI
2020-01-16 19:28 - 2020-01-16 19:28 - 000001639 _____ C:\Users\Toník\Desktop\PhotoNow – zástupce.lnk
2020-01-16 19:09 - 2020-01-16 19:09 - 000000000 ___HD C:\Users\Toník\Documents\ShadowEditFiles
2020-01-16 18:59 - 2020-01-16 20:30 - 000002078 _____ C:\Users\Toník\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Tondape\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Default\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Administrator\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Tondape\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:45 - 2020-01-16 18:45 - 000000000 ____D C:\Program Files (x86)\dexatek
2020-01-15 20:32 - 2020-01-15 20:32 - 009635328 _____ C:\Users\Toník\Downloads\Fotky_s_velkou_hvezdickou1.pps
2020-01-14 18:40 - 2020-01-14 18:40 - 000001180 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2020-01-14 18:40 - 2020-01-14 18:40 - 000001180 _____ C:\ProgramData\Desktop\CDBurnerXP.lnk
2020-01-14 18:40 - 2020-01-14 18:40 - 000001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2020-01-14 18:40 - 2020-01-14 18:40 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Canneverbe Limited
2020-01-14 18:40 - 2020-01-14 18:40 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2020-01-14 18:40 - 2020-01-14 18:40 - 000000000 ____D C:\Program Files (x86)\CDBurnerXP
2020-01-14 18:34 - 2020-01-14 18:34 - 000000034 _____ C:\WINDOWS\cdplayer.ini
2020-01-14 18:27 - 2020-01-14 18:27 - 011755864 _____ C:\Users\Toník\Downloads\download-audiograbber.exe
2020-01-13 23:00 - 2020-01-13 22:59 - 000206355 _____ C:\Users\Toník\Downloads\Pitný režim.pdf
2020-01-13 18:33 - 2020-01-13 18:33 - 000436530 _____ C:\Users\Toník\Downloads\IMG_20200113_0001 (1).pdf
2020-01-13 15:41 - 2020-01-13 15:41 - 000436530 _____ C:\Users\Toník\Downloads\IMG_20200113_0001.pdf
2020-01-13 15:30 - 2020-01-16 20:54 - 000000000 ____D C:\Users\Toník\Documents\VHS TO DVD
2020-01-13 11:12 - 2020-01-13 11:12 - 000000000 ____D C:\Users\Toník\Documents\VideoPad Projects
2020-01-13 10:36 - 2020-01-13 10:36 - 000000000 ____D C:\Users\Toník\AppData\Local\Meltytech
2020-01-13 09:24 - 2020-01-13 09:24 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2020-01-13 09:24 - 2020-01-13 09:24 - 000001165 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2020-01-13 09:24 - 2020-01-13 09:24 - 000001165 _____ C:\ProgramData\Desktop\VideoPad Video Editor.lnk
2020-01-12 09:40 - 2020-01-12 09:40 - 007773132 _____ C:\Users\Toník\Downloads\eifelovka best.mp4
2020-01-11 08:55 - 2020-01-11 08:55 - 003857408 _____ C:\Users\Toník\Downloads\Hollywood_Oldies_2015.pps
2020-01-10 11:43 - 2020-01-10 11:43 - 006379520 _____ C:\Users\Toník\Downloads\pohadkovy klaster na vyhasle sopce12.pps
2020-01-07 18:47 - 2020-01-07 18:47 - 000000000 ____D C:\Users\Toník\AppData\Roaming\STOIK
2020-01-07 18:23 - 2020-01-07 18:23 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-01-07 18:18 - 2020-01-07 18:19 - 015534753 _____ C:\Users\Toník\Downloads\golden-videos.exe
2020-01-05 19:12 - 2020-01-05 19:12 - 005324958 _____ C:\Users\Toník\Downloads\HRABICA Miroslav - Co nám tělo říká.pdf
2020-01-05 19:06 - 2020-01-05 19:06 - 010709413 _____ C:\Users\Toník\Downloads\Ca c'est du french cancan.mp4
2020-01-02 18:46 - 2020-01-02 18:46 - 012117647 _____ C:\Users\Toník\Downloads\__ ект Мерли.mp4
2020-01-01 22:35 - 2020-01-01 22:35 - 000116036 _____ C:\Users\Toník\Downloads\Návod k pouĹľitĂ­ CZ.pdf
2019-12-30 22:16 - 2019-12-30 22:16 - 009656955 _____ C:\Users\Toník\Downloads\New Bikes Christmas 2019.pdf
2019-12-30 14:10 - 2019-12-30 14:10 - 000093846 _____ C:\Users\Toník\Downloads\131057867_20191130_11_MCZS.pdf
2019-12-28 17:24 - 2019-12-28 17:24 - 000000000 ____D C:\Program Files\AEE MD Tools
2019-12-28 17:17 - 2007-03-12 14:28 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\STK02NP.ax
2019-12-28 17:17 - 2007-03-12 14:26 - 000106496 _____ (Syntek Ltd.) C:\WINDOWS\system32\Drivers\STK02NW2.sys
2019-12-28 17:17 - 2007-03-12 14:26 - 000028416 _____ (Syntek Ltd.) C:\WINDOWS\system32\Drivers\STK02NW1.sys
2019-12-28 17:16 - 2008-12-17 19:22 - 000057344 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2019-12-28 17:16 - 2008-12-17 19:22 - 000050688 _____ C:\WINDOWS\SysWOW64\ff_acm.acm
2019-12-28 17:14 - 2019-12-28 17:24 - 000000589 _____ C:\Users\Administrator\Desktop\MDPlayer_en.lnk
2019-12-28 17:14 - 2019-12-28 17:24 - 000000575 _____ C:\Users\Administrator\Desktop\MDCap_en.lnk
2019-12-28 17:14 - 2019-12-28 17:24 - 000000569 _____ C:\Users\Administrator\Desktop\SetTime.lnk
2019-12-28 17:14 - 2019-12-28 17:14 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AEE MD Tools
2019-12-28 17:14 - 2019-12-28 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AEE MD Tools
2019-12-28 13:59 - 2020-01-17 22:40 - 000000000 ____D C:\Users\Toník\AppData\Local\BlueStacks
2019-12-28 13:59 - 2019-12-28 14:05 - 000000000 ____D C:\Users\Public\BlueStacks
2019-12-28 13:59 - 2019-12-28 13:59 - 000962040 _____ (BlueStack Systems Inc.) C:\Users\Toník\Downloads\BlueStacksInstaller_4.150.11.4006_native_bf7c3d205a4379061269ca437d728955.exe
2019-12-24 23:18 - 2019-12-24 23:18 - 002101760 _____ C:\Users\Toník\Downloads\Cesko_humor_neopousti.pps
2019-12-20 22:02 - 2019-12-20 22:02 - 009837526 _____ C:\Users\Toník\Downloads\Telev&#xed;zia JOJ.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 18:26 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-01-18 18:08 - 2019-02-16 10:44 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1954234458-1285122646-2141783352-1001
2020-01-18 18:06 - 2019-07-04 07:00 - 000000000 ____D C:\WINDOWS\Minidump
2020-01-18 18:06 - 2019-04-26 21:02 - 000000000 ____D C:\ProgramData\VSO
2020-01-18 18:06 - 2019-04-16 17:59 - 000000000 ____D C:\Users\Toník\AppData\Local\CrashDumps
2020-01-18 18:06 - 2019-03-06 22:20 - 000000000 ____D C:\Users\Toník\AppData\Roaming\PhotoScape
2020-01-18 18:06 - 2014-04-02 18:34 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-18 18:03 - 2019-03-06 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-17 22:45 - 2015-01-09 03:29 - 000000000 ____D C:\ProgramData\CyberLink
2020-01-17 22:45 - 2015-01-09 03:29 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-01-17 22:45 - 2015-01-09 03:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-17 22:44 - 2019-07-11 17:20 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-17 22:44 - 2019-04-24 15:37 - 000004058 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556116623
2020-01-17 22:44 - 2019-04-16 14:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-17 22:44 - 2019-03-06 22:19 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-17 22:44 - 2019-03-06 22:19 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-17 22:44 - 2019-02-17 09:47 - 000003096 _____ C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1954234458-1285122646-2141783352-1001
2020-01-17 22:44 - 2019-02-16 21:45 - 000003258 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2020-01-17 22:44 - 2019-02-16 21:43 - 000003618 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-01-17 22:44 - 2019-02-16 10:40 - 000003304 _____ C:\WINDOWS\system32\Tasks\SweetLabs App Platform
2020-01-17 22:44 - 2015-01-09 03:36 - 000003056 _____ C:\WINDOWS\system32\Tasks\PDVDServ Task
2020-01-17 22:30 - 2019-03-14 17:58 - 000000000 ____D C:\Users\Toník\AppData\Roaming\vlc
2020-01-17 22:30 - 2019-02-16 21:49 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Audacity
2020-01-16 21:25 - 2013-03-31 13:34 - 000000000 ____D C:\Users\Toník\Documents\ELEKTRONIKA
2020-01-16 19:17 - 2019-04-26 05:20 - 000000000 ____D C:\Users\Public\CyberLink
2020-01-16 19:09 - 2019-02-17 08:57 - 000000000 ____D C:\Users\Toník\AppData\Roaming\CyberLink
2020-01-16 19:00 - 2015-01-09 03:29 - 000000000 ____D C:\ProgramData\Temp
2020-01-16 19:00 - 2015-01-09 03:29 - 000000000 ____D C:\Program Files (x86)\Cyberlink
2020-01-16 18:59 - 2019-02-16 10:56 - 000000000 ____D C:\Users\Tondape
2020-01-16 18:48 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-16 08:48 - 2019-02-16 10:29 - 000000000 ____D C:\Users\Toník\AppData\Local\SweetLabs App Platform
2020-01-15 13:45 - 2019-02-17 09:50 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Seznam.cz
2020-01-14 22:07 - 2019-02-17 10:15 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-01-14 22:00 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-01-14 18:21 - 2019-12-17 10:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-01-14 18:05 - 2016-09-14 10:21 - 000000000 ____D C:\FFOutput
2020-01-13 15:35 - 2014-02-28 10:35 - 000000000 ____D C:\Users\Toník\Documents\RECEPTY
2020-01-13 15:24 - 2019-03-28 16:08 - 000000000 ____D C:\Users\Toník\Desktop\DOSTÁLEK
2020-01-13 09:24 - 2019-12-17 10:34 - 000000000 ____D C:\Users\Toník\AppData\Roaming\NCH Software
2020-01-13 09:24 - 2019-12-17 10:34 - 000000000 ____D C:\ProgramData\NCH Software
2020-01-13 09:24 - 2019-12-17 10:34 - 000000000 ____D C:\Program Files (x86)\NCH Software
2020-01-09 20:48 - 2015-01-09 04:01 - 000740602 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-09 20:48 - 2015-01-09 04:01 - 000152282 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-09 20:48 - 2014-03-18 10:53 - 001752150 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-08 09:09 - 2019-02-16 10:47 - 000002448 _____ C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2020-01-07 19:13 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-01-07 19:12 - 2019-02-16 10:29 - 000000000 ____D C:\Users\Toník
2020-01-07 18:47 - 2014-04-02 17:38 - 000000000 ____D C:\Users\Administrator
2020-01-05 09:54 - 2014-02-19 10:46 - 000000000 ____D C:\Users\Toník\Documents\ZDRAVÍ
2020-01-04 12:54 - 2013-04-16 13:49 - 000000000 ____D C:\Users\Toník\KLÁVESY
2019-12-28 22:51 - 2016-12-27 20:48 - 000000000 ____D C:\Users\Toník\Documents\ADRESY
2019-12-28 19:28 - 2013-03-31 13:36 - 000000000 ____D C:\Users\Toník\Documents\REGISTRACE
2019-12-28 17:25 - 2019-02-16 10:38 - 000000000 ____D C:\Users\Toník\AppData\Local\VirtualStore
2019-12-28 17:24 - 2019-05-04 21:23 - 000000000 ____D C:\Program Files (x86)\ffdshow
2019-12-28 15:46 - 2015-07-23 10:16 - 000000000 ____D C:\Users\Toník\Documents\PRAKTICKÉ
2019-12-28 13:52 - 2019-10-30 22:52 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Google
2019-12-22 09:09 - 2019-08-21 20:34 - 000000000 ____D C:\ProgramData\Ashampoo
2019-12-21 12:55 - 2019-07-11 17:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2019-03-06 22:19 - 2019-03-06 22:20 - 004096000 _____ () C:\Program Files (x86)\GUTDD08.tmp
2019-02-22 23:27 - 2019-02-22 23:26 - 000518144 _____ () C:\Program Files (x86)\lame_enc.dll
2019-02-22 23:27 - 2019-02-22 23:26 - 000002060 _____ () C:\Program Files (x86)\lame_enc.ini
2019-04-26 21:02 - 2019-12-16 22:11 - 000099384 _____ () C:\Users\Toník\AppData\Roaming\inst.exe
2019-04-26 21:02 - 2019-12-16 22:11 - 000007859 _____ () C:\Users\Toník\AppData\Roaming\pcouffin.cat
2019-04-26 21:02 - 2019-12-16 22:11 - 000001167 _____ () C:\Users\Toník\AppData\Roaming\pcouffin.inf
2019-04-26 21:02 - 2019-12-16 22:11 - 000000055 _____ () C:\Users\Toník\AppData\Roaming\pcouffin.log
2019-04-26 21:02 - 2019-12-16 22:11 - 000082816 _____ (VSO Software) C:\Users\Toník\AppData\Roaming\pcouffin.sys
2019-04-23 15:11 - 2019-05-12 19:47 - 000007168 _____ () C:\Users\Toník\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-08 10:08
==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Tondape (18-01-2020 18:28:42)
Running from C:\Users\Toník\Desktop\LOG viry cz
Windows 8.1 Connected (Update) (X64) (2019-02-16 09:35:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1954234458-1285122646-2141783352-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1954234458-1285122646-2141783352-501 - Limited - Disabled)
Tondape (S-1-5-21-1954234458-1285122646-2141783352-1001 - Administrator - Enabled) => C:\Users\Toník

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
All Free Video Converter 8.8.2.4 (HKLM-x32\...\All Free Video Converter_is1) (Version: - FreeAudioVideoSoftTech, Inc.)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ATTENTION
Any Audio Converter 1.0.2 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Any Video Converter 6.3.7 (HKLM-x32\...\Any Video Converter) (Version: 6.3.7 - Anvsoft)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.2 - Ashampoo GmbH & Co. KG)
Ask Toolbar (HKLM-x32\...\Ask Toolbar_is1) (Version: 4.1.0.2 - Ask.com) <==== ATTENTION
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.2.2152.121 - AVAST Software)
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
CAM-IN SUITE III (HKLM-x32\...\CAM-IN SUITE III) (Version: - )
Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7035 - CDBurnerXP)
ConvertDocsOnline Internet Explorer Homepage and New Tab (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\ConvertDocsOnlineTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.4020 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4002 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4002 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
DigitalCam Pro (HKLM-x32\...\VQ2210) (Version: - )
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 8.00 - NCH Software)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Format Factory verze 1.5 (HKLM-x32\...\Format Factory_is1) (Version: 1.5 - )
FormatFactory 4.5.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.5.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
GetFormsOnline Internet Explorer Homepage and New Tab (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\GetFormsOnlineTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
Host App Service (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\SweetLabs_AP) (Version: 0.269.8.844 - Pokki) <==== ATTENTION
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7104.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7104.52 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{5E35CA26-A9A2-47B8-AB52-8D0C9A3CA685}) (Version: 03.12.003 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - SweetLabs) <==== ATTENTION
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
MGI VideoWave 4 (HKLM-x32\...\{B246C325-1C49-4572-8665-7691EFE1D06B}) (Version: 4.1.1040.0 - MGI Software Corp.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyImageConverter Internet Explorer Homepage and New Tab (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MyImageConverterTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PhotoFiltre 7 (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\PhotoFiltre 7) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Presto! PageManager 7.15.14 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.14E - NewSoft)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 5.28 - NCH Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon iP7200 series (HKLM-x32\...\Registrace uživatele zařízení Canon iP7200 series) (Version: - Canon Inc.‎)
Rodokmen Pro verze 2.9 (HKLM-x32\...\Rodokmen Pro_is1) (Version: 2.9 - Martin Veškrna)
Room Arranger (32-bit) (HKLM-x32\...\Room Arranger) (Version: 9.5.5 - Jan Adamec)
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
SearchFormsOnline Internet Explorer Homepage and New Tab (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\SearchFormsOnlineTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
Start Menu (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.844 - Pokki) <==== ATTENTION
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.0.3 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video Grabber (HKLM-x32\...\{65C3253A-E984-4769-BC33-CBC8F059C408}) (Version: 1.00.0000 - dexatek)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 8.00 - NCH Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Packages:
=========
3GP Viewer Free -> C:\Program Files\WindowsApps\62307pauljohn.3GPViewerFree_1.1.0.0_neutral__7sv5v3m8wq0b2 [2017-10-12] (pauljohn)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.7.0.1_neutral__6e5tt8cgb93ep [2017-12-11] (Canon Inc.)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2017-10-12] (LENOVO INC.)
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2017-10-12] (FilmOn TV Inc.)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2017-10-12] (CYBERLINK COM CORPORATION)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-10-12] (Skype) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2017-10-12] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2017-10-12] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Toník\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2014-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [282896 2000-06-26] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32-x32: [VIDC.MPG4] => MPG4c32.dll
HKLM\...\Drivers32-x32: [VIDC.MP42] => MPG4c32.dll
HKLM\...\Drivers32-x32: [VIDC.MP43] => MPG4c32.dll
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [86016 2000-05-27] (Sipro Lab Telecom Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\dvc.dll [8704 1999-07-23] (Adaptec) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvid.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [57344 2008-12-17] () [File not signed]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\SysWOW64\ff_acm.acm [50688 2008-12-17] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.DIVX] => DivX.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-01-09 03:15 - 2011-05-17 22:27 - 000028672 _____ () [File not signed] C:\Windows\jmesoft\hidhook.dll
2019-02-17 10:17 - 2012-03-28 18:00 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-11-29 01:55 - 2018-11-29 01:55 - 000302080 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll
2013-08-07 23:24 - 2013-08-07 23:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-07 23:24 - 2013-08-07 23:24 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 13:40 - 2006-10-26 13:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2015-01-09 03:35 - 2015-01-09 03:35 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:E7833B2E [236]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Toník\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3731419A-F533-487B-A85C-7CC3C2541442}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F64C3A02-28A9-4146-AF81-3DE703338674}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{96D8DFD4-6053-4CE8-8141-375668151E68}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D4510715-FC9F-46C9-A6FD-2D0CFBD0F68E}] => (Allow) C:\Users\Toník\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D41338FA-4CB5-40E1-8677-441AD4B7B6A6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C1A5DC9-E74A-402F-A7CE-1200F6D56CBE}] => (Allow) LPort=2869
FirewallRules: [{6EB7B2DE-D408-4A80-84E2-1B137EFF1FC3}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{06522B24-674C-44A1-AA99-249EB92FD203}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{29EE8F34-6AFA-436B-BB6B-3EB40B91DB3A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3AF944F2-05EB-4621-B9BB-4BBC819BBFA4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{ED818A91-D102-4285-9595-5DBC04EDEE7C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{DA8F5C00-941D-41FD-B9EA-02E6FE1E850E}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{F84D7AED-F779-43CA-8212-921D954AF5C8}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{886D8A58-6BA0-4E3F-9BEA-E7F3726B2C2B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8EF4FA0D-D1FA-4035-B1FF-9D161EFC5B80}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{96D71826-4F08-4756-80E9-14FB9D9DCFA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-12-2019 17:16:52 Instalováno STK02N 2.3
06-01-2020 14:11:58 Scheduled Checkpoint
07-01-2020 18:46:08 Installed STOIK Video Converter 2
16-01-2020 18:44:29 Instalováno Video Grabber
17-01-2020 22:44:23 Configured MediaStory

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2020 06:19:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/18/2020 06:03:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 06:03:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 06:03:45 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 05:56:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/18/2020 11:20:10 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/18/2020 11:19:33 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/17/2020 10:45:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.


System errors:
=============
Error: (01/16/2020 06:52:01 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (01/16/2020 06:51:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee CSP Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/16/2020 06:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee PEF Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/16/2020 06:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Module Core Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/16/2020 06:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Service Controller neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/16/2020 06:49:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee Temporary Installer Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/16/2020 06:49:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/16/2020 06:49:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (30000 ms).


CodeIntegrity:
===================================

Date: 2019-02-16 21:55:44.331
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.300
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.206
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.159
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:43.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfehida.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 12:18:03.482
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO IEKT28AUS 09/10/2014
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3250 @ 3.20GHz
Percentage of memory in use: 57%
Total physical RAM: 4010.23 MB
Available physical RAM: 1703.43 MB
Total Virtual: 4778.23 MB
Available Virtual: 1870.33 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:439.5 GB) (Free:64.47 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{b58c29e0-d51a-4641-8504-78e626273fe5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{8be3add2-2d7e-4c87-a83a-90169c331096}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:14.71 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8966D51F)

Partition: GPT.

==================== End of Addition.txt =======================

tonyno
Visitor
Posts: 3
Registered: 18 Jan 2020 17:47

Re: preventive PC check

#2 Post by tonyno »

I am sending the LOG after the scan with ADW Cleaner; I will send the FRST logs again.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2020-01-15.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-18-2020
# Duration: 00:00:11
# OS: Windows 8.1 Connected
# Cleaned: 90
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Amazon\ABB
Deleted C:\Program Files (x86)\AskBarDis
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\Pokki
Deleted C:\ProgramData\TweakBit
Deleted C:\Users\Toník\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\Toník\AppData\Local\FROMDOCTOPDFTOOLTAB
Deleted C:\Users\Toník\AppData\Local\GetFormsOnlineTooltab
Deleted C:\Users\Toník\AppData\Local\MyImageConverterTooltab
Deleted C:\Users\Toník\AppData\Local\SEARCHFORMSONLINETOOLTAB
Deleted C:\Users\Toník\AppData\Roaming\Seznam.cz
Not Deleted C:\Users\Toník\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SWEETLABS APP PLATFORM

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKCU\Software\AppDataLow\AskBarDis
Deleted HKCU\Software\BSD
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\ConvertDocsOnline
Deleted HKCU\Software\GetFormsOnline
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ConvertDocsOnlineTooltab Uninstall Internet Explorer
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\GetFormsOnlineTooltab Uninstall Internet Explorer
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyImageConverterTooltab Uninstall Internet Explorer
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchFormsOnlineTooltab Uninstall Internet Explorer
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\MyImageConverter
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\SweetLabs App Platform
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Deleted HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7F2C303-A629-413C-9B9D-5795D0F518D2}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted HKLM\Software\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Deleted HKLM\Software\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Deleted HKLM\Software\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Deleted HKLM\Software\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Deleted HKLM\Software\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Deleted HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Deleted HKLM\Software\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\TWEAKBIT
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioCompress3.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\NCTAudioFormatSettings3.DLL
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Deleted HKLM\Software\Wow6432Node\\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{0702A2B6-13AA-4090-9E01-BCDC85DD933F}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{08993A7C-E764-4172-9627-BFB5EA6897B2}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{128A6C66-AC6A-4617-8268-AB7F47B7215E}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{528B5866-2BA6-42CE-8F74-39FB23B49767}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{571715D7-3395-4DF0-B43C-784836209E60}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{622FD888-4E91-4D68-84D4-7262FD0811BF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{B0DE3308-5D5A-470D-81B9-634FC078393B}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4634804A-F0B0-4A74-A550-FC0EEF8A4362}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{4C07EA4F-5F52-4222-B170-4CD9ED33BAEA}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{C44FEFF4-EF0C-4CF7-83D0-92B4266A32B9}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{F131923C-381D-4E4C-A472-4A17118FD742}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{4B1C1E16-6B34-430E-B074-5928ECA4C150}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{D2E5FA06-DCC7-46F9-BEFF-BFD06F69B9B2}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201F27D4-3704-41D6-89C1-AA35E39143ED}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar_is1
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [12674 octets] - [18/01/2020 18:47:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: preventive PC check

#3 Post by Rudy »

Greetings!
Post new FRST+Addition logs.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

tonyno
Visitor
Posts: 3
Registered: 18 Jan 2020 17:47

Re: preventive PC check

#4 Post by tonyno »

new logs:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-01-2020
Ran by Tondape (18-01-2020 18:59:34)
Running from C:\Users\Toník\Desktop\LOG viry cz
Windows 8.1 Connected (Update) (X64) (2019-02-16 09:35:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1954234458-1285122646-2141783352-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-1954234458-1285122646-2141783352-501 - Limited - Disabled)
Tondape (S-1-5-21-1954234458-1285122646-2141783352-1001 - Administrator - Enabled) => C:\Users\Toník

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROPLUS_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROPLUS_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROPLUS_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
All Free Video Converter 8.8.2.4 (HKLM-x32\...\All Free Video Converter_is1) (Version: - FreeAudioVideoSoftTech, Inc.)
Any Audio Converter 1.0.2 (HKLM-x32\...\Any Audio Converter_is1) (Version: - Any-Audio-Converter.com)
Any Video Converter 6.3.7 (HKLM-x32\...\Any Video Converter) (Version: 6.3.7 - Anvsoft)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.20.2 - Ashampoo GmbH & Co. KG)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.2.2152.121 - AVAST Software)
Avi2Dvd 0.6.4 (HKLM-x32\...\Avi2Dvd) (Version: 0.6.4 - TrustFm)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Balíček ovladače systému Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
CAM-IN SUITE III (HKLM-x32\...\CAM-IN SUITE III) (Version: - )
Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7035 - CDBurnerXP)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.4020 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4002 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4002 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
DigitalCam Pro (HKLM-x32\...\VQ2210) (Version: - )
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0621 - Lenovo)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 8.00 - NCH Software)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Format Factory verze 1.5 (HKLM-x32\...\Format Factory_is1) (Version: 1.5 - )
FormatFactory 4.5.5.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.5.0 - Free Time)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FromDocToPDF Internet Explorer Homepage and New Tab (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\FromDocToPDFTooltab Uninstall Internet Explorer) (Version: - Mindspark Interactive Network, Inc.) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.300 - )
honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.22.1760 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.29 - Lenovo)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7104.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7104.52 - CyberLink Corp.)
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1901 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{5E35CA26-A9A2-47B8-AB52-8D0C9A3CA685}) (Version: 03.12.003 - Lenovo)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
MGI VideoWave 4 (HKLM-x32\...\{B246C325-1C49-4572-8665-7691EFE1D06B}) (Version: 4.1.1040.0 - MGI Software Corp.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Phone Nokia USB Driver (HKLM-x32\...\{7F1C627F-7F07-4B51-B50F-FF8C64881D6E}) (Version: 1.1.0 - Mobile)
PhotoFiltre 7 (HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\PhotoFiltre 7) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Presto! PageManager 7.15.14 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.14E - NewSoft)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 5.28 - NCH Software)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39054 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7106 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon iP7200 series (HKLM-x32\...\Registrace uživatele zařízení Canon iP7200 series) (Version: - Canon Inc.‎)
Rodokmen Pro verze 2.9 (HKLM-x32\...\Rodokmen Pro_is1) (Version: 2.9 - Martin Veškrna)
Room Arranger (32-bit) (HKLM-x32\...\Room Arranger) (Version: 9.5.5 - Jan Adamec)
ScanSoft OmniPage SE 4.0 (HKLM-x32\...\{C1E693A4-B1D5-4DCD-B68D-2087835B7184}) (Version: 15.00.0020 - Nuance Communications, Inc.)
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.0.3 - Lenovo)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video Grabber (HKLM-x32\...\{65C3253A-E984-4769-BC33-CBC8F059C408}) (Version: 1.00.0000 - dexatek)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 8.00 - NCH Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Packages:
=========
3GP Viewer Free -> C:\Program Files\WindowsApps\62307pauljohn.3GPViewerFree_1.1.0.0_neutral__7sv5v3m8wq0b2 [2017-10-12] (pauljohn)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.7.0.1_neutral__6e5tt8cgb93ep [2017-12-11] (Canon Inc.)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2017-10-12] (LENOVO INC.)
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2017-10-12] (FilmOn TV Inc.)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2017-10-12] (CYBERLINK COM CORPORATION)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-10-12] (Skype) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2017-10-12] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2017-10-12] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-10-12] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Toník\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2014-01-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.msaudio1] => C:\Windows\SysWOW64\msaud32.acm [282896 2000-06-26] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32-x32: [VIDC.MPG4] => MPG4c32.dll
HKLM\...\Drivers32-x32: [VIDC.MP42] => MPG4c32.dll
HKLM\...\Drivers32-x32: [VIDC.MP43] => MPG4c32.dll
HKLM\...\Drivers32: [msacm.sl_anet] => C:\Windows\SysWOW64\sl_anet.acm [86016 2000-05-27] (Sipro Lab Telecom Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\dvc.dll [8704 1999-07-23] (Adaptec) [File not signed]
HKLM\...\Drivers32-x32: [vidc.XVID] => xvid.dll
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [57344 2008-12-17] () [File not signed]
HKLM\...\Drivers32: [msacm.avis] => C:\Windows\SysWOW64\ff_acm.acm [50688 2008-12-17] () [File not signed]
HKLM\...\Drivers32-x32: [vidc.DIVX] => DivX.dll

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-01-09 03:15 - 2011-05-17 22:27 - 000028672 _____ () [File not signed] C:\Windows\jmesoft\hidhook.dll
2019-02-17 10:17 - 2012-03-28 18:00 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2018-11-29 01:55 - 2018-11-29 01:55 - 000302080 _____ (Free Time) [File not signed] C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll
2013-08-07 23:24 - 2013-08-07 23:24 - 000514048 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2013-08-07 23:24 - 2013-08-07 23:24 - 000286720 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2015-01-09 03:35 - 2015-01-09 03:35 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:E7833B2E [236]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Toník\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.8.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "CLMLServer"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3731419A-F533-487B-A85C-7CC3C2541442}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F64C3A02-28A9-4146-AF81-3DE703338674}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{96D8DFD4-6053-4CE8-8141-375668151E68}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D4510715-FC9F-46C9-A6FD-2D0CFBD0F68E}] => (Allow) C:\Users\Toník\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D41338FA-4CB5-40E1-8677-441AD4B7B6A6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2C1A5DC9-E74A-402F-A7CE-1200F6D56CBE}] => (Allow) LPort=2869
FirewallRules: [{6EB7B2DE-D408-4A80-84E2-1B137EFF1FC3}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{06522B24-674C-44A1-AA99-249EB92FD203}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{29EE8F34-6AFA-436B-BB6B-3EB40B91DB3A}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3AF944F2-05EB-4621-B9BB-4BBC819BBFA4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{ED818A91-D102-4285-9595-5DBC04EDEE7C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{DA8F5C00-941D-41FD-B9EA-02E6FE1E850E}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{F84D7AED-F779-43CA-8212-921D954AF5C8}] => (Allow) C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.exe (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
FirewallRules: [{886D8A58-6BA0-4E3F-9BEA-E7F3726B2C2B}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{8EF4FA0D-D1FA-4035-B1FF-9D161EFC5B80}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{96D71826-4F08-4756-80E9-14FB9D9DCFA4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-12-2019 17:16:52 Instalováno STK02N 2.3
06-01-2020 14:11:58 Scheduled Checkpoint
07-01-2020 18:46:08 Installed STOIK Video Converter 2
16-01-2020 18:44:29 Instalováno Video Grabber
17-01-2020 22:44:23 Configured MediaStory

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/18/2020 06:51:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 06:51:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 06:51:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 06:51:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.

Error: (01/18/2020 06:50:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x5df073cc
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.19178, časové razítko: 0x5bc10573
Kód výjimky: 0xe0434352
Posun chyby: 0x00015ef8
ID chybujícího procesu: 0x688
Čas spuštění chybující aplikace: 0x01d5ce27c8758bc5
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
ID zprávy: 13200ebb-3a1b-11ea-829e-50af736e2a94
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/18/2020 06:50:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: FreemakeUtilsService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
at FreemakeUtilsService.Program.Main(System.String[])

Error: (01/18/2020 06:19:33 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (01/18/2020 06:03:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Audacity\audacity.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.


System errors:
=============
Error: (01/18/2020 06:53:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 70

Error: (01/18/2020 06:53:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Ze vzdáleného koncového bodu byla přijata následující výstraha o závažné chybě. Kód výstrahy o závažné chybě definovaný protokolem TLS: 20

Error: (01/18/2020 06:50:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Freemake Improver neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (01/18/2020 06:50:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Freemake Improver bylo dosaženo časového limitu (30000 ms).

Error: (01/18/2020 06:48:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/18/2020 06:48:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Cyberlink RichVideo Service(CRVS) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/18/2020 06:48:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Machine Debug Manager byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/18/2020 06:48:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo System Agent Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-02-16 21:55:44.331
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.300
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.268
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.237
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.206
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:44.159
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfeaaca.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 21:55:43.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfemms.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\McAfee\systemcore\mfehida.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-02-16 12:18:03.482
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: LENOVO IEKT28AUS 09/10/2014
Motherboard: LENOVO SHARKBAY
Processor: Intel(R) Pentium(R) CPU G3250 @ 3.20GHz
Percentage of memory in use: 54%
Total physical RAM: 4010.23 MB
Available physical RAM: 1833.7 MB
Total Virtual: 4778.23 MB
Available Virtual: 2982.48 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:439.5 GB) (Free:64.52 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{b58c29e0-d51a-4641-8504-78e626273fe5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{8be3add2-2d7e-4c87-a83a-90169c331096}\ (PBR_DRV) (Fixed) (Total:24.41 GB) (Free:14.71 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8966D51F)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-01-2020
Ran by Tondape (administrator) on TONYPC (LENOVO 90B8002NCK) (18-01-2020 18:57:39)
Running from C:\Users\Toník\Desktop\LOG viry cz
Loaded Profiles: Tondape (Available Profiles: Tondape & Administrator)
Platform: Windows 8.1 Connected (Update) (X64) Language: Angličtina (Spojené státy)
Default browser: IE
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\jmesoft\JME_LOAD.exe
() [File not signed] C:\Windows\jmesoft\Service.exe
() [File not signed] C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
() [File not signed] C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CyberLink -> ) C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LENOVO -> LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) [File not signed] C:\Windows\jmesoft\hotkey.exe
(Lenovo.Ltd -> Lenovo) C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Nuance Communications, Inc. -> ScanSoft, Inc.) C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpWareSE4.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\PROGRAM FILES\INTEL\INTEL(R) RAPID STORAGE TECHNOLOGY\IASTORICON.EXE [287592 2013-08-07] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE [13662936 2013-10-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVBG64.EXE [1368792 2013-11-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\X64\3\WRTMON.EXE [20480 2006-09-20] () [File not signed]
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [jmekey] => C:\windows\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [File not signed]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-17] () [File not signed]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [185896 2006-09-28] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304 2006-10-11] (Nuance Communications, Inc. -> ScanSoft, Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1273448 2012-04-03] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [] => [X]
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [AvastBrowserAutoLaunch_06F5B0DAAA388223B397ADE619A50631] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Policies\Explorer: [NoDrives] 00000003
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {177e3cbc-1a93-11ea-8290-5cf3708744e4} - "F:\Setup.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {a860cec2-59c4-11e9-8268-5cf3708744e4} - "D:\Setup.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {af8a381c-87c5-11e9-827a-5cf3708744e4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {fe7171f4-a311-11e9-827d-5cf3708744e4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.121\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\Installer\chrmstp.exe [2019-11-27] (AVAST Software s.r.o. -> AVAST Software)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00140ED9-A19E-4D72-A0F7-C9D86D172A4C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [10920216 2018-09-06] (Lenovo -> Lenovo)
Task: {00CA9A37-965F-4688-AC76-E199CE16775D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {137C863F-2119-4232-907D-08338A8A0A23} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5}
Task: {28B98797-7696-49BE-8025-A65EB4393538} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.207\DADUpdater.exe
Task: {2EF8A5C7-345B-4186-9FFC-0AB36C13A948} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {31187E21-A939-4185-BD83-E4F79E485CD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-06] (Google Inc -> Google Inc.)
Task: {31E50369-7E83-4DA2-9A14-4019EFD5C927} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1954234458-1285122646-2141783352-1001 => C:\Users\Toník\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2019-02-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {32AC435E-AC06-480C-AEBE-CDB60A963D46} - System32\Tasks\Opera scheduled Autoupdate 1556116623 => C:\Users\Toník\AppData\Local\Programs\Opera\launcher.exe
Task: {35BF9601-A8F5-4A04-8CB6-F14D43BC02C8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4EA016A3-67AF-4E1B-A3C2-A53B3D400E82} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {641A1418-8E08-42C7-A961-D061E972E81E} - System32\Tasks\NCH Software\VideoPadCacheDeleteAll => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe [7132216 2020-01-08] (NCH Software, Inc. -> NCH Software)
Task: {6F2B19B8-79BE-40F9-B697-34D5DD9AC17F} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321240 2018-09-06] (Lenovo -> Lenovo)
Task: {7500C0AE-426A-447E-AC19-BF6309D9113A} - System32\Tasks\NCH Software\ExpressBurnDowngrade => C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe [2119272 2019-08-30] (NCH Software, Inc. -> NCH Software)
Task: {79201894-BED3-4A66-8886-54B5DE398F5B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1850312 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {7C573F00-15F6-4F2C-8E6A-28E412EC2C2E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {80F1B679-0EAD-40C8-99FB-16F04A25360A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {82C856F8-4B48-4BF5-A3C7-3075FC97376E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {84EF080C-7F14-4125-838F-C8D0C8F06EC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-06] (Google Inc -> Google Inc.)
Task: {89786E36-4763-46CB-A188-A7D28E43E9D9} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
Task: {8D4E57E8-7752-4759-A503-223AC3907608} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {8DFF223C-1738-4689-AD2C-F47EDD434E78} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [331544 2018-09-06] (Lenovo -> )
Task: {8F915DBF-E8C3-42B8-BDE0-E3139D717751} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {973BA9A0-D9EA-40A6-B4AF-D7723392F96F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {9744ED5E-35F4-417A-B6B3-B333E2F9C975} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {A36BBCED-A263-42E1-85C9-AB53B4FA2471} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {A85CB4EE-0016-42AB-BEBE-982465EC48FD} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [33536 2014-05-22] (LENOVO -> )
Task: {AA69E507-9BB9-4A96-9889-DCF068F69BB1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {D8853E32-153D-4859-A151-D16CEFFED362} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C}
Task: {F72703D0-0C48-423C-B0EB-8A557238268C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-05-30] (LENOVO -> Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{56845C44-BE37-4715-88E3-ACB88AF0976C}: [DhcpNameServer] 192.168.8.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> DefaultScope {99C3A135-AB93-471E-808F-5875215079D9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {28CFE0E0-0BD3-4FA4-A51C-7D7A41368B27} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {99C3A135-AB93-471E-808F-5875215079D9} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedirect?gct=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {F8C6F653-5A24-48BE-98D5-FF2BE590C2E1} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-16] (Google Inc -> Google Inc.)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-16] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-04-13]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-03] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://seznam.cz/"
CHR Profile: C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default [2020-01-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-12-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Chrome Media Router) - C:\Users\Toník\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-05-04] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.2.2152.121\elevation_service.exe [970088 2019-11-05] (AVAST Software s.r.o. -> AVAST Software)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [81280 2019-12-11] (Mixbyte Inc -> Freemake)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-10-22] (Huawei Technologies Co., Ltd. -> ) [File not signed]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-17] () [File not signed]
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO -> LENOVO INCORPORATED.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [337688 2018-09-06] (Lenovo -> Lenovo)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2019-03-19] (McAfee, Inc. -> McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2008-12-31] (CyberLink -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [321224 2014-08-16] (Lenovo.Ltd -> Lenovo)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 DCamUSBSTK02N; C:\WINDOWS\system32\DRIVERS\STK02NW2.sys [106496 2007-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Syntek Ltd.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [511024 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109072 2018-11-19] (McAfee, Inc. -> McAfee LLC.)
S3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [117800 2019-01-22] (McAfee, Inc. -> McAfee, LLC)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 X86BDA; C:\WINDOWS\system32\DRIVERS\OEMDrv.sys [666624 2012-04-27] (Microsoft Windows Hardware Compatibility Publisher -> )
U1 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 18:25 - 2020-01-18 18:58 - 000000000 ____D C:\FRST
2020-01-18 18:14 - 2020-01-18 18:46 - 000000000 ____D C:\Users\Toník\Desktop\LOG viry cz
2020-01-18 18:03 - 2020-01-18 18:03 - 000003870 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-01-18 18:03 - 2020-01-18 18:03 - 000002808 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-01-18 18:03 - 2020-01-18 18:03 - 000002331 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-01-18 18:03 - 2020-01-18 18:03 - 000000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-01-18 18:03 - 2020-01-18 18:03 - 000000805 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-01-18 18:03 - 2020-01-18 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-01-18 18:03 - 2020-01-18 18:03 - 000000000 ____D C:\Program Files\CCleaner
2020-01-18 18:01 - 2020-01-18 18:01 - 024578944 _____ (Piriform Software Ltd) C:\Users\Toník\Downloads\ccsetup563.exe
2020-01-16 19:32 - 2020-01-16 19:32 - 000000000 _____ C:\WINDOWS\PhotoNow.INI
2020-01-16 19:28 - 2020-01-16 19:28 - 000001639 _____ C:\Users\Toník\Desktop\PhotoNow – zástupce.lnk
2020-01-16 19:09 - 2020-01-16 19:09 - 000000000 ___HD C:\Users\Toník\Documents\ShadowEditFiles
2020-01-16 18:59 - 2020-01-18 18:51 - 000002078 _____ C:\Users\Toník\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Tondape\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Default\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Default User\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000002096 _____ C:\Users\Administrator\Desktop\CyberLink PowerDirector.lnk
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Tondape\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:59 - 2020-01-16 18:59 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2020-01-16 18:45 - 2020-01-16 18:45 - 000000000 ____D C:\Program Files (x86)\dexatek
2020-01-15 20:32 - 2020-01-15 20:32 - 009635328 _____ C:\Users\Toník\Downloads\Fotky_s_velkou_hvezdickou1.pps
2020-01-14 18:40 - 2020-01-14 18:40 - 000001180 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk
2020-01-14 18:40 - 2020-01-14 18:40 - 000001180 _____ C:\ProgramData\Desktop\CDBurnerXP.lnk
2020-01-14 18:40 - 2020-01-14 18:40 - 000001132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2020-01-14 18:40 - 2020-01-14 18:40 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Canneverbe Limited
2020-01-14 18:40 - 2020-01-14 18:40 - 000000000 ____D C:\ProgramData\Canneverbe Limited
2020-01-14 18:40 - 2020-01-14 18:40 - 000000000 ____D C:\Program Files (x86)\CDBurnerXP
2020-01-14 18:34 - 2020-01-14 18:34 - 000000034 _____ C:\WINDOWS\cdplayer.ini
2020-01-14 18:27 - 2020-01-14 18:27 - 011755864 _____ C:\Users\Toník\Downloads\download-audiograbber.exe
2020-01-13 23:00 - 2020-01-13 22:59 - 000206355 _____ C:\Users\Toník\Downloads\Pitný režim.pdf
2020-01-13 18:33 - 2020-01-13 18:33 - 000436530 _____ C:\Users\Toník\Downloads\IMG_20200113_0001 (1).pdf
2020-01-13 15:41 - 2020-01-13 15:41 - 000436530 _____ C:\Users\Toník\Downloads\IMG_20200113_0001.pdf
2020-01-13 15:30 - 2020-01-16 20:54 - 000000000 ____D C:\Users\Toník\Documents\VHS TO DVD
2020-01-13 11:12 - 2020-01-13 11:12 - 000000000 ____D C:\Users\Toník\Documents\VideoPad Projects
2020-01-13 10:36 - 2020-01-13 10:36 - 000000000 ____D C:\Users\Toník\AppData\Local\Meltytech
2020-01-13 09:24 - 2020-01-13 09:24 - 000001177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk
2020-01-13 09:24 - 2020-01-13 09:24 - 000001165 _____ C:\Users\Public\Desktop\VideoPad Video Editor.lnk
2020-01-13 09:24 - 2020-01-13 09:24 - 000001165 _____ C:\ProgramData\Desktop\VideoPad Video Editor.lnk
2020-01-12 09:40 - 2020-01-12 09:40 - 007773132 _____ C:\Users\Toník\Downloads\eifelovka best.mp4
2020-01-11 08:55 - 2020-01-11 08:55 - 003857408 _____ C:\Users\Toník\Downloads\Hollywood_Oldies_2015.pps
2020-01-10 11:43 - 2020-01-10 11:43 - 006379520 _____ C:\Users\Toník\Downloads\pohadkovy klaster na vyhasle sopce12.pps
2020-01-07 18:47 - 2020-01-07 18:47 - 000000000 ____D C:\Users\Toník\AppData\Roaming\STOIK
2020-01-07 18:23 - 2020-01-07 18:23 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-01-07 18:18 - 2020-01-07 18:19 - 015534753 _____ C:\Users\Toník\Downloads\golden-videos.exe
2020-01-05 19:12 - 2020-01-05 19:12 - 005324958 _____ C:\Users\Toník\Downloads\HRABICA Miroslav - Co nám tělo říká.pdf
2020-01-05 19:06 - 2020-01-05 19:06 - 010709413 _____ C:\Users\Toník\Downloads\Ca c'est du french cancan.mp4
2020-01-02 18:46 - 2020-01-02 18:46 - 012117647 _____ C:\Users\Toník\Downloads\__ ект Мерли.mp4
2020-01-01 22:35 - 2020-01-01 22:35 - 000116036 _____ C:\Users\Toník\Downloads\Návod k pouĹľitĂ­ CZ.pdf
2019-12-30 22:16 - 2019-12-30 22:16 - 009656955 _____ C:\Users\Toník\Downloads\New Bikes Christmas 2019.pdf
2019-12-30 14:10 - 2019-12-30 14:10 - 000093846 _____ C:\Users\Toník\Downloads\131057867_20191130_11_MCZS.pdf
2019-12-28 17:24 - 2019-12-28 17:24 - 000000000 ____D C:\Program Files\AEE MD Tools
2019-12-28 17:17 - 2007-03-12 14:28 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\STK02NP.ax
2019-12-28 17:17 - 2007-03-12 14:26 - 000106496 _____ (Syntek Ltd.) C:\WINDOWS\system32\Drivers\STK02NW2.sys
2019-12-28 17:17 - 2007-03-12 14:26 - 000028416 _____ (Syntek Ltd.) C:\WINDOWS\system32\Drivers\STK02NW1.sys
2019-12-28 17:16 - 2008-12-17 19:22 - 000057344 _____ C:\WINDOWS\SysWOW64\ff_vfw.dll
2019-12-28 17:16 - 2008-12-17 19:22 - 000050688 _____ C:\WINDOWS\SysWOW64\ff_acm.acm
2019-12-28 17:14 - 2019-12-28 17:24 - 000000589 _____ C:\Users\Administrator\Desktop\MDPlayer_en.lnk
2019-12-28 17:14 - 2019-12-28 17:24 - 000000575 _____ C:\Users\Administrator\Desktop\MDCap_en.lnk
2019-12-28 17:14 - 2019-12-28 17:24 - 000000569 _____ C:\Users\Administrator\Desktop\SetTime.lnk
2019-12-28 17:14 - 2019-12-28 17:14 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AEE MD Tools
2019-12-28 17:14 - 2019-12-28 17:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AEE MD Tools
2019-12-28 13:59 - 2020-01-17 22:40 - 000000000 ____D C:\Users\Toník\AppData\Local\BlueStacks
2019-12-28 13:59 - 2019-12-28 14:05 - 000000000 ____D C:\Users\Public\BlueStacks
2019-12-28 13:59 - 2019-12-28 13:59 - 000962040 _____ (BlueStack Systems Inc.) C:\Users\Toník\Downloads\BlueStacksInstaller_4.150.11.4006_native_bf7c3d205a4379061269ca437d728955.exe
2019-12-24 23:18 - 2019-12-24 23:18 - 002101760 _____ C:\Users\Toník\Downloads\Cesko_humor_neopousti.pps
2019-12-20 22:02 - 2019-12-20 22:02 - 009837526 _____ C:\Users\Toník\Downloads\Televízia JOJ.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-01-18 18:55 - 2019-02-16 10:44 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1954234458-1285122646-2141783352-1001
2020-01-18 18:50 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-18 18:50 - 2013-08-22 15:44 - 000519072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-01-18 18:49 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2020-01-18 18:48 - 2019-02-18 21:41 - 000000000 ____D C:\ProgramData\BSD
2020-01-18 18:48 - 2016-05-05 09:20 - 000000000 ____D C:\Users\Toník\AppData\LocalLow\IObit
2020-01-18 18:48 - 2015-01-09 03:29 - 000000000 ____D C:\Program Files (x86)\Amazon
2020-01-18 18:47 - 2017-03-06 20:16 - 000000000 ____D C:\AdwCleaner
2020-01-18 18:26 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2020-01-18 18:06 - 2019-07-04 07:00 - 000000000 ____D C:\WINDOWS\Minidump
2020-01-18 18:06 - 2019-04-26 21:02 - 000000000 ____D C:\ProgramData\VSO
2020-01-18 18:06 - 2019-04-16 17:59 - 000000000 ____D C:\Users\Toník\AppData\Local\CrashDumps
2020-01-18 18:06 - 2019-03-06 22:20 - 000000000 ____D C:\Users\Toník\AppData\Roaming\PhotoScape
2020-01-18 18:06 - 2014-04-02 18:34 - 000000000 ___DC C:\WINDOWS\Panther
2020-01-18 18:03 - 2019-03-06 22:19 - 000000000 ____D C:\Program Files (x86)\Google
2020-01-17 22:45 - 2015-01-09 03:29 - 000000000 ____D C:\ProgramData\CyberLink
2020-01-17 22:45 - 2015-01-09 03:29 - 000000000 ____D C:\Program Files (x86)\Lenovo
2020-01-17 22:45 - 2015-01-09 03:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-01-17 22:44 - 2019-07-11 17:20 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-01-17 22:44 - 2019-04-24 15:37 - 000004058 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1556116623
2020-01-17 22:44 - 2019-04-16 14:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-01-17 22:44 - 2019-03-06 22:19 - 000003388 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-01-17 22:44 - 2019-03-06 22:19 - 000003260 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-01-17 22:44 - 2019-02-17 09:47 - 000003096 _____ C:\WINDOWS\system32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1954234458-1285122646-2141783352-1001
2020-01-17 22:44 - 2019-02-16 21:45 - 000003258 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2020-01-17 22:44 - 2019-02-16 21:43 - 000003618 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-01-17 22:44 - 2015-01-09 03:36 - 000003056 _____ C:\WINDOWS\system32\Tasks\PDVDServ Task
2020-01-17 22:30 - 2019-03-14 17:58 - 000000000 ____D C:\Users\Toník\AppData\Roaming\vlc
2020-01-17 22:30 - 2019-02-16 21:49 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Audacity
2020-01-16 21:25 - 2013-03-31 13:34 - 000000000 ____D C:\Users\Toník\Documents\ELEKTRONIKA
2020-01-16 19:17 - 2019-04-26 05:20 - 000000000 ____D C:\Users\Public\CyberLink
2020-01-16 19:09 - 2019-02-17 08:57 - 000000000 ____D C:\Users\Toník\AppData\Roaming\CyberLink
2020-01-16 19:00 - 2015-01-09 03:29 - 000000000 ____D C:\ProgramData\Temp
2020-01-16 19:00 - 2015-01-09 03:29 - 000000000 ____D C:\Program Files (x86)\Cyberlink
2020-01-16 18:59 - 2019-02-16 10:56 - 000000000 ____D C:\Users\Tondape
2020-01-16 08:48 - 2019-02-16 10:29 - 000000000 ____D C:\Users\Toník\AppData\Local\SweetLabs App Platform
2020-01-14 22:07 - 2019-02-17 10:15 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-01-14 22:00 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-01-14 18:21 - 2019-12-17 10:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2020-01-14 18:05 - 2016-09-14 10:21 - 000000000 ____D C:\FFOutput
2020-01-13 15:35 - 2014-02-28 10:35 - 000000000 ____D C:\Users\Toník\Documents\RECEPTY
2020-01-13 15:24 - 2019-03-28 16:08 - 000000000 ____D C:\Users\Toník\Desktop\DOSTÁLEK
2020-01-13 09:24 - 2019-12-17 10:34 - 000000000 ____D C:\Users\Toník\AppData\Roaming\NCH Software
2020-01-13 09:24 - 2019-12-17 10:34 - 000000000 ____D C:\ProgramData\NCH Software
2020-01-13 09:24 - 2019-12-17 10:34 - 000000000 ____D C:\Program Files (x86)\NCH Software
2020-01-09 20:48 - 2015-01-09 04:01 - 000740602 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-09 20:48 - 2015-01-09 04:01 - 000152282 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-09 20:48 - 2014-03-18 10:53 - 001752150 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-07 19:12 - 2019-02-16 10:29 - 000000000 ____D C:\Users\Toník
2020-01-07 18:47 - 2014-04-02 17:38 - 000000000 ____D C:\Users\Administrator
2020-01-05 09:54 - 2014-02-19 10:46 - 000000000 ____D C:\Users\Toník\Documents\ZDRAVÍ
2020-01-04 12:54 - 2013-04-16 13:49 - 000000000 ____D C:\Users\Toník\KLÁVESY
2019-12-28 22:51 - 2016-12-27 20:48 - 000000000 ____D C:\Users\Toník\Documents\ADRESY
2019-12-28 19:28 - 2013-03-31 13:36 - 000000000 ____D C:\Users\Toník\Documents\REGISTRACE
2019-12-28 17:25 - 2019-02-16 10:38 - 000000000 ____D C:\Users\Toník\AppData\Local\VirtualStore
2019-12-28 17:24 - 2019-05-04 21:23 - 000000000 ____D C:\Program Files (x86)\ffdshow
2019-12-28 15:46 - 2015-07-23 10:16 - 000000000 ____D C:\Users\Toník\Documents\PRAKTICKÉ
2019-12-28 13:52 - 2019-10-30 22:52 - 000000000 ____D C:\Users\Toník\AppData\Roaming\Google
2019-12-22 09:09 - 2019-08-21 20:34 - 000000000 ____D C:\ProgramData\Ashampoo
2019-12-21 12:55 - 2019-07-11 17:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories ========

2019-03-06 22:19 - 2019-03-06 22:20 - 004096000 _____ () C:\Program Files (x86)\GUTDD08.tmp
2019-02-22 23:27 - 2019-02-22 23:26 - 000518144 _____ () C:\Program Files (x86)\lame_enc.dll
2019-02-22 23:27 - 2019-02-22 23:26 - 000002060 _____ () C:\Program Files (x86)\lame_enc.ini
2019-04-26 21:02 - 2019-12-16 22:11 - 000099384 _____ () C:\Users\Toník\AppData\Roaming\inst.exe
2019-04-26 21:02 - 2019-12-16 22:11 - 000007859 _____ () C:\Users\Toník\AppData\Roaming\pcouffin.cat
2019-04-26 21:02 - 2019-12-16 22:11 - 000001167 _____ () C:\Users\Toník\AppData\Roaming\pcouffin.inf
2019-04-26 21:02 - 2019-12-16 22:11 - 000000055 _____ () C:\Users\Toník\AppData\Roaming\pcouffin.log
2019-04-26 21:02 - 2019-12-16 22:11 - 000082816 _____ (VSO Software) C:\Users\Toník\AppData\Roaming\pcouffin.sys
2019-04-23 15:11 - 2019-05-12 19:47 - 000007168 _____ () C:\Users\Toník\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-01-08 10:08
==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: preventive PC check

#5 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\Temp:E7833B2E [236]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Run: [] => [X]
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {177e3cbc-1a93-11ea-8290-5cf3708744e4} - "F:\Setup.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {a860cec2-59c4-11e9-8268-5cf3708744e4} - "D:\Setup.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {af8a381c-87c5-11e9-827a-5cf3708744e4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\MountPoints2: {fe7171f4-a311-11e9-827d-5cf3708744e4} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1954234458-1285122646-2141783352-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [2755504 2016-08-27] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {31187E21-A939-4185-BD83-E4F79E485CD9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-06] (Google Inc -> Google Inc.)
Task: {84EF080C-7F14-4125-838F-C8D0C8F06EC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-06] (Google Inc -> Google Inc.)
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL = hxxp://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q={searchTerms}&crm=1&toolbar=DVS
SearchScopes: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> {F8C6F653-5A24-48BE-98D5-FF2BE590C2E1} URL =
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-04-16] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-1954234458-1285122646-2141783352-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-04-16] (Google Inc -> Google Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
U1 aswbdisk; no ImagePath
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Program Files (x86)\GUTDD08.tmp
C:\Users\Toník\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Save it to C:\Users\Toník\Desktop\LOG viry cz as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
