Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Preventivka

Patříte mezi Vzorné návštěvníky? Pak je tato sekce pro vás.

Moderátor: Moderátoři

Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zpráva
Autor
dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#16 Příspěvek od dinospages »

Ahoj, po par dnech mi zacaly vyskakovat reklamy viz priloha, nekde jsem se doslechl ze by melo jit o nejakou neprijemnou havet (odposlech). Prosím o kontrolu a podrobnosti o jakou havet se jedna, vyskakuje to i hodne známým na mobilech s ANDROIDEM (napr se to tvari jako zprava z google chrome, whatsapp, ci jiných messengeru .

Moc děkuji za osvětu. Je to fakt rozšířený na hodne zarizenich at uz PC notebook či mobil.

Poprosil bych aby se do toho mohl vložit i RUDY, moc díky že mu řekneš.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.04.2019
Ran by lenovo (administrator) on LENOVO-PC (LENOVO 20A7003UMC) (28-04-2019 21:57:59)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Windows 10 Pro Version 1803 17134.648 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1902.42.0_x64__8wekyb3d8bbwe\Calculator.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ANDREA VACONDIO -> ANDREA VACONDIO) C:\ProgramData\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(C. Ghisler & Co. -> C. Ghisler & Co.) C:\totalcmd\TOTALCMD.EXE
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\71.4.108\QtWebEngineProcess.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation-Mobile Wireless Group -> Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\dfrctl.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tposd.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo -> Lenovo) C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\TpShocks.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControl.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlInput.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe.bak
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Integration\Integrator.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.PeopleExperienceHost_cw5n1h2txyewy\PeopleExperienceHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Monet+, a.s. -> Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Opera Software AS -> ) C:\Windows\System32\config\systemprofile\Downloads\opera autoupdate\CProgram FilesOpera developer\8960_22021\Opera_Developer_61.0.3282.0-61.0.3275.0_Patch_x64.exe
(Opera Software AS -> ) C:\Windows\System32\config\systemprofile\Downloads\opera autoupdate\CProgram FilesOpera\9276_25216\Opera_Stable_58.0.3135.132-58.0.3135.127_Patch_x64.exe
(Opera Software AS -> ) C:\Windows\System32\config\systemprofile\Downloads\opera autoupdate\CProgram FilesOpera\9908_9435\Opera_Stable_58.0.3135.132-58.0.3135.127_Patch_x64.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera developer\61.0.3275.0\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera developer\61.0.3275.0\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera_autoupdate.exe
(Opera Software AS -> Opera Software) C:\Program Files\Opera\58.0.3135.127\opera_autoupdate.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [151768 2013-09-19] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
HKLM\...\Run: [HP Color LaserJet CM2320 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [260488 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5537088 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HPUsageTracking] => "C:\Program Files (x86)\HP\HP UT\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT\"
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare software CO., LIMITED -> Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\lenovo\AppData\Local\slack\Update.exe [1559056 2019-01-26] (Slack Technologies, Inc. -> )
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49654728 2018-06-26] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [698328 2019-02-21] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lenovo\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lenovo\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\RunOnce: [Uninstall 19.043.0304.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lenovo\AppData\Local\Microsoft\OneDrive\19.043.0304.0005\amd64"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\RunOnce: [Uninstall 19.043.0304.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lenovo\AppData\Local\Microsoft\OneDrive\19.043.0304.0005"
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\msaud32_divx.acm [186368 2003-02-03] (Microsoft Corporation) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-10] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{65CD7F9B-E8F3-4bb0-82EB-6F6875B745DF}] -> C:\WINDOWS\system32\LMIinit.dll [2016-10-12] (LogMeIn, Inc. -> LogMeIn, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-10-13]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ThinkPad OneLink Dock Management.lnk [2015-10-27]
ShortcutTarget: ThinkPad OneLink Dock Management.lnk -> C:\Program Files (x86)\Lenovo\OneLink Dock\onelinkpromgn.exe () [File not signed]
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-03-16]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0228146C-FD0D-47A1-80BB-FAAF4C4D0824} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> )
Task: {08407A7C-FF6B-4C09-B755-C6D95165A64B} - System32\Tasks\RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {09E55BF0-C096-4365-8519-98A71A2BF97B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-06-02] (LENOVO -> )
Task: {0DFBEDA0-7D8C-49B9-8236-4A440254771A} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {1A98D896-20A5-46D5-A125-3365A27ACA94} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149032 2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {1AC248B0-721D-4CF5-AD45-693635A1BD01} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1372392 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {1BD8C8F6-E6B8-423F-8382-E5018BBCD345} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CAD2A15-582E-4D57-9B47-293F98554745} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [112528 2018-11-06] (Lenovo -> Lenovo)
Task: {2050DA6D-ED79-4C84-AB31-12E1192BDDD0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6204256 2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {21B1C672-FBA3-4A02-932A-BD9AFF05867F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6204256 2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {237FF799-C170-4967-A42A-E1B53C149B9F} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgrInst.exe [60304 2018-11-06] (Lenovo -> )
Task: {26F35B58-452F-46EB-9439-C75454DC3329} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {2773A43E-8F69-4743-979D-9F9D2C4E3A73} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1732064c-8150-4c01-8615-41187c66348d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [58176 2017-07-22] () [File not signed]
Task: {2C3337A4-80A3-4286-AC60-456538533D9F} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4214872 2018-01-19] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {372257BC-A33C-4E69-B9E9-4ADCA43C2B35} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2380088 2019-04-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {3EEDD1EF-C09A-4392-8186-B725986B5C9B} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {40C09469-038D-40F7-9F33-2BF641328610} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {442F2FCB-B71C-45FC-8F7B-A31B1B8EF1EB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\WINDOWS\System32\sihclient.exe
Task: {47D2703D-A2D7-49E5-97FE-402DCEE22044} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1502712 2017-09-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {4D3506B5-4DF1-4555-AB74-EBB039AE8EAD} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149032 2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D8BEF35-F690-49DF-A142-82FD7F0F59D9} - System32\Tasks\Opera scheduled Autoupdate 1493069008 => C:\Program Files\Opera developer\launcher.exe [1744984 2019-04-23] (Opera Software AS -> Opera Software)
Task: {4DACA452-3F57-4E21-8A24-C670317C3FC5} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {50686E5A-60F5-4F11-AE2C-D017C1CFE31F} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {510F9E47-1434-4704-BDCC-441601C402FD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-04-11] (Adobe Inc. -> Adobe)
Task: {5188F072-1187-4C56-8988-8D1D04E1D192} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {63CC28A4-6568-4C3A-8554-224CA6B10987} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6A0A2045-A7ED-42CD-A237-4CBF97DA2203} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16864 2015-12-11] (LENOVO -> Lenovo)
Task: {709AE65A-7040-4C7A-A7A3-CA4F37A958BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {72697DB9-B867-4491-B4C1-B3F13DD710A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {80B9D14E-4E1D-4534-898B-E1D8F25CD4D9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-02] (LENOVO -> Lenovo)
Task: {8198BBBD-B6E2-4289-88D6-1CCF40AF768C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc -> Dropbox, Inc.)
Task: {89C58118-0DA8-4F19-ABA0-CB5ACFECDED0} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {8D96780B-8F9E-4308-A2BC-8A408CAA1E57} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_171_pepper.exe [1452600 2019-04-11] (Adobe Inc. -> Adobe)
Task: {8FAF77C0-EE7F-44C0-B53C-25E6F9D1789C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {8FD3C403-CDD8-4124-8833-C512911B09EA} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\ea35caa3-4cee-40cc-b6a2-5ed8a3240e32 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [58176 2017-07-22] () [File not signed]
Task: {94CF9BD6-09A6-48A3-AB41-7DACA49C3EE4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9A03A3BA-8816-4CAC-B072-C3BA146568B6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A20636FC-1EB7-4954-B4C1-5E040840D6DE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {A38A9671-E430-49DC-B485-018FA2985426} - System32\Tasks\Lenovo Power Management Driver PnP Task => C:\WINDOWS\System32\ibmpmsvc.exe [851800 2018-12-26] (Lenovo -> Lenovo.)
Task: {AC1C00D5-0558-4B32-AFA3-8EF615E8F501} - System32\Tasks\Lenovo Active Protection System => C:\WINDOWS\system32\TpShUI.exe [120424 2017-03-21] (Lenovo -> Lenovo.)
Task: {AEC80B48-2E92-401E-8211-0315E026B8B5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1EFBF0D-7FDB-4CD8-ADC4-6CB09D9AE40C} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {B95A98A4-DB1C-4D66-8E34-1CFF9C9DE096} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2195016 2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF15777B-0D0F-4495-B1B4-ECFAB4B7307C} - System32\Tasks\Avast SecureLine Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1372392 2019-02-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {C2627A16-2C4C-4A7B-870A-47C96616CAE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
Task: {C6D147BB-22A8-4332-92D0-B164D7ACDB1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C73DD919-FF74-49FD-9C5D-3096C69C027F} - System32\Tasks\Lenovo\Gesture Control => C:\Program Files (x86)\eyeSight\Gesture Control\GestureControl.exe [972408 2013-11-23] (eyeSight Mobile Technologies Ltd. -> Lenovo)
Task: {C78E8536-F996-43BB-865E-01618817E6E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
Task: {C9E9971E-5727-41C3-9EF6-A10F4D6A8D40} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {D4599AE9-5E8B-4358-92D5-8228F83172DC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9944400 2016-06-02] (LENOVO -> Lenovo)
Task: {D4FD2967-605C-44C2-991B-6B1B22594BBF} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-06-02] (LENOVO -> Lenovo)
Task: {DD9D090F-1643-4AF5-AA81-8C72718FB3C0} - System32\Tasks\Opera scheduled Autoupdate 1493068622 => C:\Program Files\Opera\launcher.exe [1465432 2019-03-28] (Opera Software AS -> Opera Software)
Task: {E8488719-C157-4A3F-B2D2-29E53D2B3DA2} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2925960 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
Task: {EA351213-C6F4-4522-A60D-63E370FE6B66} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758488 2019-01-25] (Lenovo -> )
Task: {EF6C8811-0AFE-483A-AC83-32E0538FB98E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a73ab013-31ae-48bb-9220-71e175a96ff3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [58176 2017-07-22] () [File not signed]
Task: {F5AE0A5D-CD8A-4BF9-98FE-D1D502DD391C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2195016 2019-04-28] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\Lenovo Active Protection System.job => C:\WINDOWS\system32\TpShUI.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{248c8a2a-0330-4cc6-bbc1-312e7fe93e40}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5ebcd77b-01c5-410b-a10e-0794c8c38a58}: [DhcpNameServer] 192.168.0.1 192.168.0.1
Tcpip\..\Interfaces\{96554154-1a4e-47d6-bdca-a2b738f91d24}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{c3a1389c-bacc-423c-85d0-58889e326a7b}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13-comm.msn.com/?pc=LNJB
SearchScopes: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001 -> DefaultScope {E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} URL =
SearchScopes: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001 -> {E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-04-28] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: g6d930ts.default
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g6d930ts.default [2019-04-26]
FF Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g6d930ts.default\Extensions\firefox@zenmate.com.xpi [2017-06-05] [Legacy]
FF Extension: (Avast Passwords) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g6d930ts.default\Extensions\jid1-r1tDuNiNb4SEww@jetpack.xpi [2017-04-16] [Legacy]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g6d930ts.default\Extensions\sp@avast.com.xpi [2019-04-28]
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\g6d930ts.default\Extensions\wrc@avast.com.xpi [2018-06-28]
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: csas.cz/Partner24 -> C:\Program Files (x86)\Partner24\npPartner24.dll [2016-11-14] (Ceska sporitelna, a.s.) [File not signed]
FF Plugin HKU\S-1-5-21-1864349024-1291946563-1421522111-1001: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [2018-02-20] (TD Ameritrade) [File not signed]
FF Plugin HKU\S-1-5-21-1864349024-1291946563-1421522111-1001: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [2018-02-20] (TD Ameritrade) [File not signed]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2019-04-28]
CHR Extension: (Adobe Acrobat) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-03-16]
CHR Extension: (Avast Passwords) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2019-04-15]
CHR Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2019-04-26]
CHR Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-03-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2019-03-22]
CHR Extension: (IE Tab) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2019-04-27]
CHR Extension: (Přihlášení do aplikace Partner24) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcimcldmgjgkdhdgifbfiblffdhddbpa [2019-03-18]
CHR Extension: (True Key™ by McAfee) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbeldjopgciegccabfohnefghfpinncn [2019-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-16]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-27]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-19]
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-19]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (LastPass: Free Password Manager) - C:\Users\lenovo\AppData\Roaming\Opera Software\Opera Stable\Extensions\hnjalnkldgigidggphhmacmimbdlafdo [2019-03-29]
StartMenuInternet: (HKLM) Operadeveloper - C:\Program Files\Opera developer\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc. -> Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6570352 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [360440 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146240 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [541896 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2016-11-23] (Intel(R) pGFX -> Intel Corporation)
S2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [58176 2017-07-22] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [136288 2012-08-11] (Lenovo(Japan)Ltd. -> Lenovo Group Limited)
S2 LPlatSvc; C:\WINDOWS\System32\LPlatSvc.exe [892760 2018-12-26] (Lenovo -> Lenovo.)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (LENOVO -> Lenovo)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [24192 2018-03-06] (OpenVPN Technologies, Inc. -> )
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [74712 2019-02-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 ovpnagent; C:\Program Files (x86)\OpenVPN Technologies\PrivateTunnel\ovpnagent.exe [900840 2017-08-14] (OpenVPN Technologies, Inc. -> )
R2 PDFsam Manager; C:\ProgramData\ANDREA VACONDIO\PDFsam Manager\PDFsam Enhanced\PDFsam Manager.exe [1050224 2015-11-13] (ANDREA VACONDIO -> ANDREA VACONDIO)
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [59384 2013-07-17] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
R3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [138232 2013-07-17] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737560 2019-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [251480 2018-01-19] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH -> TeamViewer GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [86544 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [56848 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
R2 xmengine service; C:\WINDOWS\SysWOW64\xmesrv.exe [34696 2009-09-25] (Monet+, a.s. -> Monet+, a.s.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [205400 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [254128 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [196000 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswblog.sys [320624 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [57888 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [257832 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [166848 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112520 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88160 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1031000 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [476776 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [220640 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (AVAST Software a.s. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385848 2019-04-26] (AVAST Software s.r.o. -> AVAST Software)
S3 AX88179; C:\WINDOWS\System32\drivers\ax88179_178a.sys [74240 2018-04-12] (Microsoft Windows -> ASIX Electronics Corp.)
R3 BcmNfcIc; C:\WINDOWS\System32\drivers\BcmNfcIc.sys [77016 2015-10-27] (Broadcom Corporation -> Broadcom Corporation.)
R3 CM3218x; C:\WINDOWS\System32\drivers\WUDFRd.sys [264192 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 CPLMACPI; C:\WINDOWS\System32\drivers\CPLMACPI.sys [28136 2015-06-16] (Capella Microsystems Inc. -> Capella Microsystems, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [99384 2012-02-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d64x64.sys [548352 2015-12-08] (Intel(R) INTELNPG1 -> Intel Corporation)
S3 HPFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [20504 2007-07-16] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPFXFAX; C:\WINDOWS\system32\drivers\hpfx64fax.sys [23064 2007-07-16] (Hewlett-Packard Company -> Hewlett Packard)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136720 2018-05-15] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
S3 LENOVODOCK; C:\WINDOWS\system32\DRIVERS\LenovoDock.sys [570368 2013-10-02] (Microsoft Windows Hardware Compatibility Publisher -> C-Media Inc.)
S3 massfilter_hs; C:\WINDOWS\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (ZTE CORPORATION -> HandSet Incorporated)
R3 MbmUsbSerial; C:\WINDOWS\System32\Drivers\MbmUsbSerial.sys [81392 2015-06-30] (Microsoft Windows Hardware Compatibility Publisher -> Ericsson AB)
R3 MkBusFilter; C:\WINDOWS\system32\DRIVERS\MbmDeviceFilter.sys [42208 2015-06-30] (Ericsson AB -> )
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3595472 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 PMDRVS; C:\WINDOWS\System32\drivers\pmdrvs.sys [44160 2018-12-26] (Lenovo -> Lenovo.)
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2019-04-28] (PAIPTAC Driver -> )
R3 ptun0901; C:\WINDOWS\System32\drivers\ptun0901.sys [27136 2016-06-15] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8874712 2013-09-19] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42584 2018-01-19] (Synaptics Incorporated -> Synaptics Incorporated)
R1 SMIDriver; C:\WINDOWS\system32\DRIVERS\smi.sys [39488 2016-07-13] (Synaptics Inc. -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [203320 2012-02-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 STHFK; C:\WINDOWS\System32\Drivers\sthfk64.sys [46192 2016-02-29] (EuroCb (Phils) Inc. -> CSR plc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-06-07] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapipvanish; C:\WINDOWS\System32\drivers\tapipvanish.sys [45552 2016-09-22] (IPVanish (Mudhook Marketing, Inc) -> The OpenVPN Project)
S3 tpnflhlp; C:\ProgramData\Lenovo\SystemUpdate\sessionSE\Repository\gruj32us\tpnflhlp.sys [26448 2016-07-07] (LENOVO -> Lenovo Group Limited)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-21] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-21] (Microsoft Windows -> Microsoft Corporation)
R3 wmbclass; C:\WINDOWS\System32\drivers\wmbclass.sys [335872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-28 21:57 - 2019-04-28 21:59 - 000053436 ____C C:\Users\lenovo\Desktop\FRST.txt
2019-04-28 21:57 - 2019-04-28 21:57 - 000000000 ____D C:\FRST
2019-04-28 21:56 - 2019-04-28 21:56 - 002429952 ____C (Farbar) C:\Users\lenovo\Desktop\FRST64.exe
2019-04-27 14:54 - 2019-04-27 14:54 - 000044429 _____ C:\Users\lenovo\Downloads\789653740277_3_1132_20190331.pdf
2019-04-27 14:53 - 2019-04-27 14:53 - 000053331 _____ C:\Users\lenovo\Downloads\789653740277_20181031_20190425.pdf
2019-04-27 14:46 - 2019-04-27 14:46 - 002177128 _____ (Rational Intellectual Holdings Ltd.) C:\Users\lenovo\Downloads\PokerStarsInstallCZ.exe
2019-04-26 06:23 - 2019-04-26 06:36 - 000013139 _____ C:\Users\lenovo\Downloads\Saldo_VY_kachlik_IMPORT.xlsx
2019-04-26 06:23 - 2019-04-26 06:36 - 000010016 _____ C:\Users\lenovo\Downloads\Saldo_DO_kachlik_IMPORT.xlsx
2019-04-26 06:17 - 2019-04-26 06:16 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-04-26 06:16 - 2019-04-26 06:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-04-23 14:13 - 2019-04-23 14:13 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-04-23 14:13 - 2019-04-23 14:13 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-04-19 06:50 - 2019-04-19 06:50 - 000176107 _____ C:\Users\lenovo\Downloads\111108665_1014944998_20190331_2_00000003.pdf
2019-04-19 06:32 - 2019-04-19 06:32 - 001519833 _____ C:\Users\lenovo\Downloads\IMG_3369.jpeg
2019-04-19 06:32 - 2019-04-19 06:32 - 000936436 _____ C:\Users\lenovo\Downloads\IMG_3370.jpeg
2019-04-18 10:55 - 2019-04-18 10:56 - 000103574 _____ C:\Users\lenovo\Downloads\vyjádření.pdf
2019-04-17 13:52 - 2019-04-17 13:52 - 000039738 _____ C:\Users\lenovo\Downloads\polozky_FV_neexistujicich_FV.txt
2019-04-17 12:15 - 2019-04-17 12:15 - 000409557 _____ C:\Users\lenovo\Downloads\Rozpis zápasů všech kategorií - jaro 2019.pdf
2019-04-17 09:19 - 2019-04-17 09:19 - 000078029 _____ C:\Users\lenovo\Downloads\Protinabidka.pdf
2019-04-17 08:28 - 2019-04-17 08:28 - 000053963 _____ C:\Users\lenovo\Downloads\Zdravotni dotaz.pdf
2019-04-17 07:46 - 2019-04-25 15:11 - 000000000 ___DC C:\Users\lenovo\Desktop\SALDO_Vladka
2019-04-16 13:48 - 2019-04-16 13:48 - 000018944 ____C C:\Users\lenovo\Desktop\E10000000003_000148612581.xls
2019-04-15 10:02 - 2019-04-23 11:00 - 000002485 ____C C:\Users\lenovo\Desktop\dotazy poo spusteni.txt
2019-04-15 07:29 - 2019-04-26 06:17 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-04-12 11:35 - 2019-04-12 11:35 - 003027792 _____ C:\Users\lenovo\Downloads\Figura.zip
2019-04-12 11:07 - 2019-04-12 11:07 - 000262711 _____ C:\Users\lenovo\Downloads\RP_figura.pdf
2019-04-12 08:33 - 2019-04-12 08:34 - 008310531 _____ C:\Users\lenovo\Downloads\BT_6_09_197_SW_BT_Hypoteky_11.4.2019.zip
2019-04-11 15:37 - 2019-04-11 15:37 - 000002528 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-04-11 15:37 - 2019-04-11 15:37 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-04-11 15:37 - 2019-04-11 15:37 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-04-11 15:37 - 2019-04-11 15:37 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-04-11 15:37 - 2019-04-11 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-04-11 11:39 - 2019-04-11 11:39 - 000264665 _____ C:\Users\lenovo\Downloads\Občanka.pdf
2019-04-11 11:38 - 2019-04-11 11:38 - 001799120 _____ C:\Users\lenovo\Downloads\Figura_smlouva_byt_mesto.pdf
2019-04-11 11:38 - 2019-04-11 11:38 - 000505445 _____ C:\Users\lenovo\Downloads\Potvrzení o výši příjmu (1).pdf
2019-04-11 11:38 - 2019-04-11 11:38 - 000470401 _____ C:\Users\lenovo\Downloads\zadost_Figura.pdf
2019-04-10 13:03 - 2019-04-10 13:03 - 000000519 ____C C:\Users\lenovo\Desktop\datagrid_export-1554901410kuspokus.csv
2019-04-05 20:44 - 2019-04-05 20:45 - 000000056 ____C C:\Users\lenovo\Desktop\2test_dodelani_pokus_EXCEL_ext_cenik_pro_pana_Rychtaříka.csv
2019-04-05 20:41 - 2019-04-05 20:55 - 000000157 ____C C:\Users\lenovo\Desktop\test_dodelani_pokus_EXCEL_ext_cenik_pro_pana_Rychtaříka.csv
2019-04-05 20:39 - 2019-04-05 20:40 - 004220077 ____C C:\Users\lenovo\Desktop\dodelani_pokus_EXCEL_ext_cenik_pro_pana_Rychtaříka.csv
2019-04-05 17:36 - 2019-04-05 20:55 - 002521907 _____ C:\Users\lenovo\Desktop\dodelani_pokus_EXCEL_ext_cenik_pro_pana_Rychtaříka.xlsx
2019-04-05 15:34 - 2019-04-05 15:34 - 000505445 _____ C:\Users\lenovo\Downloads\Potvrzení o výši příjmu.pdf
2019-04-05 10:06 - 2019-04-05 12:38 - 000000450 ____C C:\Users\lenovo\Desktop\magoc_obj.txt
2019-04-04 16:22 - 2019-04-04 16:23 - 005888042 _____ C:\Users\lenovo\Downloads\01.835.176.TIF
2019-04-04 15:29 - 2019-04-04 15:29 - 000000038 _____ C:\Users\lenovo\Downloads\test_prepis_ean_1 (1).csv
2019-04-04 15:28 - 2019-04-04 15:28 - 000000038 _____ C:\Users\lenovo\Downloads\test_prepis_ean_1.csv
2019-04-04 07:27 - 2019-04-04 07:27 - 000000000 ___DC C:\Users\lenovo\AppData\Roaming\LibreOffice
2019-04-04 07:22 - 2019-04-04 07:22 - 000001165 _____ C:\Users\Public\Desktop\LibreOffice 6.2.lnk
2019-04-04 07:22 - 2019-04-04 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.2
2019-04-04 07:20 - 2019-04-04 07:21 - 000000000 ____D C:\Program Files\LibreOffice
2019-04-04 07:11 - 2019-04-04 07:13 - 297943040 _____ C:\Users\lenovo\Downloads\LibreOffice_6.2.2_Win_x64.msi
2019-04-03 15:26 - 2019-04-03 15:26 - 000012273 _____ C:\Users\lenovo\Desktop\pokus_CSV_EXCEL_ext_cenik_pro_pana_Rychtaříka.xlsx
2019-04-03 15:24 - 2019-04-05 17:31 - 011101295 ____C C:\Users\lenovo\Desktop\pokus_EXCEL_ext_cenik_pro_pana_Rychtaříka.xlsx
2019-04-03 13:29 - 2019-04-03 13:29 - 000899927 _____ C:\Users\lenovo\Downloads\HYBA_1_01_22_Zadost-o-HU_2 (1).pages
2019-04-03 13:25 - 2019-04-03 13:25 - 000899927 _____ C:\Users\lenovo\Downloads\HYBA_1_01_22_Zadost-o-HU_2.pages
2019-04-03 13:05 - 2019-04-03 13:06 - 011106869 _____ C:\Users\lenovo\Desktop\EXCEL_ext_cenik_pro_pana_Rychtaříka.xlsx
2019-04-02 23:02 - 2019-04-02 23:02 - 000144332 _____ C:\Users\lenovo\Downloads\Vypis_ctvrtletni30.6.2018.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000144197 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_30.6.2017.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000143989 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_31.12.2017.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000143498 _____ C:\Users\lenovo\Downloads\Vypis_ctvrtletni31.3.2018.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000133449 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_31.12.2016.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000133406 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_31.12.2015.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000133190 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_30.6.2016.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000131934 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_30.6.2014.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000131807 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_30.6.2015.pdf
2019-04-02 23:02 - 2019-04-02 23:02 - 000131588 _____ C:\Users\lenovo\Downloads\Vypis_pololetni_31.12.2014.pdf
2019-04-02 23:01 - 2019-04-02 23:01 - 000148790 _____ C:\Users\lenovo\Downloads\Vypis_ctvrtletni31.12.2018.pdf
2019-04-02 23:01 - 2019-04-02 23:01 - 000146611 _____ C:\Users\lenovo\Downloads\Vypis_ctvrtletni30.9.2018.pdf
2019-04-02 12:46 - 2019-04-05 20:56 - 000000000 ___DC C:\Users\lenovo\Desktop\IMPORTextce
2019-04-02 12:29 - 2019-04-02 12:29 - 015496308 ____C C:\Users\lenovo\Desktop\Ceník_20190401 (1).xlsx
2019-04-02 11:59 - 2019-04-02 12:12 - 000000536 ____C C:\Users\lenovo\Desktop\pokus_exrterni_cenik_ELKOV_import.csv
2019-04-02 11:42 - 2019-04-02 11:58 - 020273291 ____C C:\Users\lenovo\Desktop\exrterni_cenik_ELKOV_import.csv
2019-04-02 11:41 - 2019-04-02 11:41 - 011683249 ____C C:\Users\lenovo\Desktop\cenik_import.csv
2019-04-02 10:57 - 2019-04-02 10:57 - 017955790 ____C C:\Users\lenovo\Desktop\cenik.csv
2019-03-30 12:49 - 2019-03-30 12:49 - 000123193 ____C C:\Users\lenovo\Desktop\Sklad_27_03_2019.csv
2019-03-30 08:01 - 2019-03-30 12:50 - 000423256 ____C C:\Users\lenovo\Desktop\1589 - 2396 + úpravy Stepan_Vyplnuje---===KOMPLET_SOUPIS_opraveno.ods
2019-03-29 18:16 - 2019-03-29 18:16 - 000258730 _____ C:\Users\lenovo\Downloads\TF67741002.xltx
2019-03-29 17:56 - 2019-03-29 17:56 - 000027648 _____ C:\Users\lenovo\Downloads\turnaj-priklad.xls
2019-03-29 13:49 - 2019-03-29 13:49 - 000037860 _____ C:\Users\lenovo\Downloads\HYBA_3_02_13_Potvrzeni-o-vysi-prijmu_011.dot
2019-03-29 11:21 - 2019-03-29 11:21 - 000164142 _____ C:\Users\lenovo\Downloads\zvyrazneni_pozice.zip

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-04-28 21:58 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-28 21:57 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-04-28 21:55 - 2018-02-20 15:27 - 000000000 ____D C:\Program Files\Microsoft Office
2019-04-28 21:45 - 2017-06-08 09:04 - 000031152 _____ C:\WINDOWS\system32\Drivers\pmxdrv.sys
2019-04-28 21:42 - 2017-04-24 23:23 - 000000000 ____D C:\Program Files\Opera developer
2019-04-28 21:42 - 2017-04-24 23:16 - 000000000 ____D C:\Program Files\Opera
2019-04-28 21:42 - 2016-04-19 20:27 - 000000000 ___DC C:\Users\lenovo\AppData\Local\CrashDumps
2019-04-28 21:16 - 2018-05-20 18:31 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-27 14:39 - 2018-04-22 07:53 - 000000000 ___DC C:\Users\lenovo\AppData\Local\IE Tab
2019-04-26 15:33 - 2018-08-27 02:06 - 000002766 _____ C:\WINDOWS\System32\Tasks\Lenovo Power Management Driver PnP Task
2019-04-26 15:33 - 2018-05-20 21:31 - 000003830 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-04-26 15:33 - 2018-05-20 21:31 - 000003530 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-26 15:33 - 2018-05-20 21:31 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-04-26 15:33 - 2018-05-20 21:31 - 000003442 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-04-26 15:33 - 2018-05-20 21:31 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-26 15:33 - 2018-05-20 21:31 - 000003344 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{203AD8B5-B1A9-434B-A23A-4D0D6EDE1F37}
2019-04-26 15:33 - 2018-05-20 21:31 - 000003314 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1493069008
2019-04-26 15:33 - 2018-05-20 21:31 - 000003294 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1493068622
2019-04-26 15:33 - 2018-05-20 21:31 - 000003218 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-04-26 15:33 - 2018-05-20 21:31 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-26 15:33 - 2018-05-20 21:31 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-26 15:33 - 2018-05-20 21:31 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1864349024-1291946563-1421522111-1001
2019-04-26 15:33 - 2018-05-20 21:31 - 000002306 _____ C:\WINDOWS\System32\Tasks\RtHDVBg_Dolby
2019-04-26 15:33 - 2018-05-20 21:31 - 000002302 _____ C:\WINDOWS\System32\Tasks\RTKCPL
2019-04-26 15:33 - 2018-05-20 21:31 - 000002274 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2019-04-26 15:33 - 2018-05-20 21:31 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-04-26 15:33 - 2018-05-20 21:31 - 000002138 _____ C:\WINDOWS\System32\Tasks\Lenovo Active Protection System
2019-04-26 15:33 - 2018-05-20 21:31 - 000002048 _____ C:\WINDOWS\System32\Tasks\Synaptics TouchPad Enhancements
2019-04-26 15:33 - 2018-05-20 21:31 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-04-26 15:33 - 2017-02-07 13:13 - 000000346 _____ C:\WINDOWS\Tasks\Lenovo Active Protection System.job
2019-04-26 15:33 - 2016-05-10 11:32 - 000000928 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-04-26 15:33 - 2016-05-10 11:32 - 000000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-04-26 15:06 - 2018-05-20 21:31 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-04-26 06:33 - 2018-02-12 11:45 - 000000000 ___DC C:\Users\lenovo\AppData\Local\Packages
2019-04-26 06:17 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-04-26 06:17 - 2015-12-17 10:40 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-04-26 06:17 - 2015-12-17 10:40 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-04-26 06:16 - 2019-02-13 18:44 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-04-26 06:16 - 2019-01-14 19:22 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-04-26 06:16 - 2019-01-09 18:48 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswblog.sys
2019-04-26 06:16 - 2019-01-09 18:48 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-04-26 06:16 - 2019-01-09 18:48 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-04-26 06:16 - 2019-01-09 18:48 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-04-26 06:16 - 2018-10-15 15:49 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-04-26 06:16 - 2017-11-20 22:01 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-04-26 06:16 - 2016-05-10 11:31 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-04-26 06:16 - 2015-12-17 10:40 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-04-26 06:16 - 2015-12-17 10:40 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-04-26 06:16 - 2015-12-17 10:40 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-04-26 06:16 - 2015-12-17 10:40 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-04-26 06:16 - 2015-12-17 10:40 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-04-25 15:04 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-25 15:04 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-25 15:03 - 2017-04-24 23:23 - 000001192 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera developer.lnk
2019-04-23 08:08 - 2017-03-21 12:21 - 000000000 ___DC C:\Users\lenovo\AppData\Local\SpreadsheetTools
2019-04-21 10:36 - 2018-05-20 21:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-19 15:11 - 2016-05-10 11:34 - 000000000 ___RD C:\Users\lenovo\Dropbox
2019-04-19 15:11 - 2016-05-10 11:31 - 000000000 ___DC C:\Users\lenovo\AppData\Local\Dropbox
2019-04-19 09:46 - 2018-09-09 08:06 - 000000000 ___DC C:\Users\lenovo\Documents\PDF files
2019-04-18 12:15 - 2016-05-23 11:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-18 12:15 - 2016-05-23 11:36 - 000000000 ____D C:\Program Files\Java
2019-04-18 12:12 - 2016-05-23 11:36 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-04-18 09:24 - 2018-05-20 18:34 - 000002419 ____C C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-18 09:24 - 2015-12-18 07:10 - 000000000 ___RD C:\Users\lenovo\OneDrive
2019-04-17 09:38 - 2019-03-03 22:55 - 000000000 ___DC C:\Users\lenovo\AppData\Local\myWAC
2019-04-17 09:38 - 2019-03-03 22:55 - 000000000 ____D C:\Program Files (x86)\myWAC
2019-04-15 07:29 - 2015-12-17 10:40 - 000476264 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswae34a2812ee8b700.tmp
2019-04-15 06:58 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-11 16:54 - 2018-05-20 21:31 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-11 16:54 - 2018-04-12 17:51 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-11 16:54 - 2018-04-12 17:51 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-11 16:54 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-11 15:04 - 2017-02-08 12:21 - 000000000 ___DC C:\Users\lenovo\AppData\Roaming\TeamViewer
2019-04-11 14:52 - 2015-12-17 20:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-11 14:48 - 2015-12-17 20:47 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-11 11:44 - 2018-05-29 07:35 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-11 10:12 - 2018-03-19 15:48 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-04-11 06:36 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-11 06:36 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-10 10:58 - 2018-05-20 18:34 - 000000000 ____D C:\Users\lenovo
2019-04-10 10:58 - 2017-11-18 02:21 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-10 10:58 - 2015-12-18 07:08 - 000000000 __SHD C:\Users\lenovo\IntelGraphicsProfiles
2019-04-10 10:50 - 2018-05-20 21:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-10 10:50 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-10 10:50 - 2017-11-18 02:22 - 000000000 ____D C:\ProgramData\Synaptics
2019-04-10 06:38 - 2015-12-17 10:01 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-10 06:38 - 2015-12-17 10:01 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-09 15:33 - 2016-01-20 11:43 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-05 11:05 - 2017-09-29 09:51 - 000000000 ____D C:\Program Files\rempl
2019-04-04 07:24 - 2018-05-20 18:31 - 000711696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-04 07:23 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-04-03 06:43 - 2017-07-04 09:00 - 000001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-04-01 19:51 - 2018-07-13 14:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-07-13 14:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-29 17:52 - 2018-05-20 18:34 - 000000000 ___DC C:\Users\lenovo\AppData\Local\Microsoft Help

==================== Files in the root of some directories =======

2015-10-27 17:58 - 2015-12-17 10:34 - 000002274 ____C () C:\Users\lenovo\AppData\Roaming\AbsoluteReminder.xml
2017-07-03 14:47 - 2017-05-02 23:44 - 000000011 ____C () C:\Users\lenovo\AppData\Roaming\pecodec.dll
2016-09-14 02:03 - 2016-09-14 02:03 - 000004096 ___HC () C:\Users\lenovo\AppData\Local\keyfile3.drm
2015-10-27 17:57 - 2015-10-27 17:57 - 000000193 ____C () C:\Users\lenovo\AppData\Local\RegisteredPackageInformation.xml

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.04.2019
Ran by lenovo (28-04-2019 21:59:35)
Running from C:\Users\lenovo\Desktop
Windows 10 Pro Version 1803 17134.648 (X64) (2018-05-20 19:31:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1864349024-1291946563-1421522111-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1864349024-1291946563-1421522111-503 - Limited - Disabled)
Guest (S-1-5-21-1864349024-1291946563-1421522111-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1864349024-1291946563-1421522111-1003 - Limited - Enabled)
lenovo (S-1-5-21-1864349024-1291946563-1421522111-1001 - Administrator - Enabled) => C:\Users\lenovo
WDAGUtilityAccount (S-1-5-21-1864349024-1291946563-1421522111-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{0611B3CC-B5DB-4B93-ACE4-97B8F938E6B7}) (Version: 4.2.1 - Hewlett-Packard) Hidden
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.204 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.171 - Adobe)
AEGON Expert 3.0 (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\6d331183306bd716) (Version: 3.0.6240.27102 - AEGON Pojišťovna, a.s.)
AIDA64 Extreme v5.00 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.00 - FinalWire Ltd.)
Aladin verze 4.0 (HKLM-x32\...\{77D91700-C34E-47C5-83A5-238F19FF3C48}_is1) (Version: 4.0 - Slavia Pojišťovna a.s.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apowersoft Phone Manager verze 2.8.8 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.8.8 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.4.2374 - AVAST Software)
AXA Studio (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\1ec9ff54381d781f) (Version: 1.4.98.20454 - AXA Studio)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
Balíček ovladače systému Windows - SuperTooth Hands Free Kit DFU driver (02/09/2016 2.4.0.7) (HKLM\...\2517ADEBF91C46544B723681D0D421F4712E905F) (Version: 02/09/2016 2.4.0.7 - SuperTooth)
Barvy 4.1 (HKLM\...\Barvy_is1) (Version: - Vlastimil Burian)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BOSSAFX (HKLM-x32\...\BOSSAFX) (Version: 4.00 - MetaQuotes Software Corp.)
BufferChm (HKLM-x32\...\{687FEF8A-8597-40b4-832C-297EA3F35817}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.)
Capella Micro CM3218x SPB Driver (HKLM-x32\...\CM3218x) (Version: 1.1.6.0 - Capella Microsystems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CPCSi_1_1_31_PPT (HKLM\...\{A3F9B37E-F67E-44B7-9F68-634376F3A600}) (Version: 1.1.31.16455 - Monet+, a.s.)
CustomerResearchQFolder (HKLM-x32\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
ČSOBP Kalkulátory 1.27.0.x (HKLM-x32\...\Kalkulátory_is1) (Version: - )
DeviceDiscovery (HKLM-x32\...\{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}) (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM-x32\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7/8 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 71.4.108 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
eModel - MetLife (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\eModel) (Version: 2.2.0.3 - MetLife)
eModel - MetLife (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\W5070WG9.E3P) (Version: 2.2.0.0 - MetLife)
FLEXI SmartClient (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\2f9c2a270a3e3b3e) (Version: 2.3.29.16496 - Kooperativa)
Generátor knihy jízd (HKLM-x32\...\Generátor knihy jízd) (Version: - )
Gesture Control (HKLM-x32\...\{5BD1491C-A955-44E1-ACC6-8AF7DFE41989}) (Version: 4.0.116.4 - Lenovo)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.1.47.5133 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{1F803452-798F-49FB-A5DD-9F527F7017E4}) (Version: 1.0.473 - LogMeIn, Inc.)
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Color LaserJet CM2320 MFP Series 3.1 (HKLM\...\{ECF3E482-9188-4e29-9C31-E02FD8DC74C0}) (Version: 3.1 - HP)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
hppCLJCM2320 (HKLM-x32\...\{DD7D788B-D6C2-4CB1-AACC-8614D6C21D7C}) (Version: 003.001.00097 - Hewlett-Packard) Hidden
hppFaxDrvCM2320 (HKLM-x32\...\{B226235F-51A4-4090-B5DB-5482A28D1B0F}) (Version: 003.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM2320 (HKLM-x32\...\{511CA535-9CB1-4128-A30C-5F4C5D4AB848}) (Version: 003.001.00095 - Název společnosti:) Hidden
hppFonts (HKLM-x32\...\{995F2783-8311-49BF-833E-DB659774B4F6}) (Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM2320 (HKLM-x32\...\{AE7C40B6-9C6D-4022-B017-A41A6B7FA4D3}) (Version: 003.001.00087 - Název společnosti:) Hidden
hppQFolderCM2320 (HKLM-x32\...\{FF841249-0D6B-41D7-8013-953EE3A33263}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM2320 (HKLM-x32\...\{24495227-1B47-4D55-AC27-167B6BC3FF73}) (Version: 003.001.00090 - Název společnosti:) Hidden
hppSendFaxCM2320 (HKLM-x32\...\{99EE30D2-A7EA-486C-9AD4-57C8583375BF}) (Version: 003.000.00001 - Název společnosti:) Hidden
hppusgCM2320 (HKLM-x32\...\{77697747-7567-428D-8394-2287586F6974}) (Version: 1.1.0.1 - Hewlett-Packard) Hidden
iExplorer (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\2ee35ebaf226322a) (Version: 4.2.0.0 - Macroplant LLC)
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.00.55 - Softex Inc.) Hidden
Integrated Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10247 - Realtek Semiconductor Corp.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000060-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.60.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
IPVanish (HKLM\...\{3CAA8FE3-47C3-48F3-B773-D4F81C1D88B7}) (Version: 3.2.5.1 - IPVanish) Hidden
IPVanish (HKLM-x32\...\IPVanish 3.2.5.1) (Version: 3.2.5.1 - IPVanish)
IQFeed Client 5.2.7.0 (HKLM-x32\...\IQFeed Client) (Version: 5.2.7.0 - DTN)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
iTunes (HKLM\...\{56E3752E-E2E6-4F7C-AC04-24BC03A78F09}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.7.1 - PandoraTV)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 5.0.1120 - KYOCERA Document Solutions Inc.)
KYOCERA Status Monitor 5 (HKLM\...\{24EE7F6D-C648-463f-9E71-DC5FD2258D17}) (Version: 5.0.6015 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (HKLM-x32\...\{4CC65EFD-0604-4978-B336-C43283645D58}) (Version: 2.0.1310 - KYOCERA Document Solutions Inc.) Hidden
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{4CC65EFD-0604-4978-B336-C43283645D58}) (Version: 2.0.1310 - KYOCERA Document Solutions Inc.)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.14 - Lenovo) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 2.05 - )
Lenovo On Screen Display (HKLM\...\OnScreenDisplay) (Version: 8.85.03 - Lenovo) Hidden
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{053ACA98-6B07-4DD0-9DB3-F51E3EB1780C}) (Version: 1.4.0.4 - Lenovo Group Limited) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.16 - Lenovo) Hidden
Lenovo QuickControl (HKLM-x32\...\{4855C42F-5197-4AAD-A50D-5066D2CC4647}) (Version: 1.10 - Lenovo Group Limited)
Lenovo Settings – Power (HKLM-x32\...\{A6CFC34A-56EE-4AF5-8C49-995F59E6A160}) (Version: 2.00.000 - Lenovo) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0078 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0012.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0011.00 - Lenovo)
LibreOffice 6.2.2.2 (HKLM\...\{7B486711-D8E3-41F4-A518-D709CD62C3D1}) (Version: 6.2.2.2 - The Document Foundation)
LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.8 - Thibaut Lauziere)
LockXLS Runtime (HKLM\...\{1140A38C-5598-4B57-A366-1C4CB996872E}) (Version: 6.1.7 - Spreadsheet Tools)
Manager (HKLM-x32\...\{3802F563-BAD7-47F3-AF91-ED1C9467B224}) (Version: 3.0.7.25771 - ANDREA VACONDIO) Hidden
MarketResearch (HKLM-x32\...\{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
MetLife - Garde 3.0 (HKLM-x32\...\{BA597C8D-B7EE-423D-A041-5373DC0AEB33}) (Version: 3.0.100 - MetLife pojištovna a. s.)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0008.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0011.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\OneDriveSetup.exe) (Version: 19.062.0331.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Broadband Drivers (HKLM\...\{053BB205-59BA-44E5-AD33-F5402494BAB7}) (Version: 8.2.5 - Lenovo) Hidden
Mobile Broadband Drivers (HKLM-x32\...\{68D0E8C7-E4F8-424E-A6D6-97A06A323FFE}) (Version: 8.1.0.7 - Ericsson AB)
Mobile Broadband Drivers v8.2.5 (HKLM-x32\...\{47786bea-6a7b-4d85-9b51-d1db1d022f0a}) (Version: 8.2.5 - Lenovo)
Mozilla Firefox 53.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 cs)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
myWAC (HKLM-x32\...\{76608CC7-EFEB-4470-BE2E-C0096CD41AC7}) (Version: 5.1.159.592 - myWAC TECHNOLOGIES s.r.o.) Hidden
myWAC (HKLM-x32\...\myWAC 5.1.159.592) (Version: 5.1.159.592 - myWAC TECHNOLOGIES s.r.o.)
NAPS2 5.6.2 (HKLM-x32\...\NAPS2 (Not Another PDF Scanner 2)_is1) (Version: - Ben Olden-Cooligan)
Netview_X OCX (HKLM-x32\...\Netview_X OCX) (Version: 2.0.0.1 - )
NinjaTrader 7 (HKLM-x32\...\{94A2EF87-0F5B-4DC8-98DE-FD569674C05F}) (Version: 7.0.1037 - NinjaTrader)
NinjaTrader 8 (HKLM-x32\...\{06787A8C-13F0-4F20-ABE8-32D4DB694E8F}) (Version: 8.0.11.1 - NinjaTrader, LLC)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
OpenVPN 2.4.7-I603 (HKLM\...\OpenVPN) (Version: 2.4.7-I603 - OpenVPN Technologies, Inc.)
Opera developer 61.0.3296.0 (HKLM-x32\...\Opera 61.0.3296.0) (Version: 61.0.3296.0 - Opera Software)
Opera Stable 58.0.3135.127 (HKLM-x32\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Partner24 (HKLM-x32\...\Partner24) (Version: 1.7.1 - Česká Spořitelna a.s.)
PČS SmartClient (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\ee485056d1c5a354) (Version: 2.2.10.40 - Pojišťovna České spořitelny)
PDF Compressor (HKLM-x32\...\{74CB4E29-732C-47A6-B9C6-790EC768FCBA}) (Version: 2.7.0.0 - iWesoft)
PDF Eraser V1.8 (HKLM-x32\...\PDF Eraser_is1) (Version: - hxxp://www.PDFEraser.net)
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 6.05 - FinePrint Software, LLC)
PDFsam Basic (HKLM-x32\...\{2613AD46-FB81-46DC-9001-E1BA183F9520}) (Version: 3.0.30.0 - Andrea Vacondio)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Poradce - MAKFAC,SLS,MBI, verze 1.54/1 (HKLM-x32\...\Hledik - Poradce - MAKFAC,SLS,MBI) (Version: 1.54/1 - )
PrivateTunnel (HKLM-x32\...\PrivateTunnel) (Version: 2.8.4.0 - OpenVPN Technologies)
RajcePhotoDownloader (HKLM-x32\...\RajcePhotoDownloader_is1) (Version: verze - Rajce.net)
Rajče Downloader verze 1.0.0.0 (HKLM-x32\...\{3AA7960E-DEAE-4D21-93BE-7B0E8EE4D0FA}_is1) (Version: 1.0.0.0 - Ladislav Havlát)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8224 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.2 - Lenovo)
Skype verze 8.25 (HKLM-x32\...\Skype_is1) (Version: 8.25 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\slack) (Version: 3.3.7 - Slack Technologies)
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
SopCast 4.0.0 (HKLM-x32\...\SopCast) (Version: 4.0.0 - www.sopcast.com)
SuperTooth Update (HKLM-x32\...\{FAC31E4D-67DC-4E12-9184-CFCB7D4B288F}) (Version: 1.0.16 - SuperTooth)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.17.135 - Synaptics Incorporated)
Synaptics WBF DDK 5011 (Advanced) (HKLM\...\{87E2D28A-EEE2-4C3C-B0C1-CDA986B3C42E}) (Version: 4.5.503.0 - Synaptics)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
ThinkPad OneLink Dock (HKLM-x32\...\{8E1CACF5-2493-4950-9AD5-189903FE57E7}) (Version: 1.08.24 - Lenovo)
ThinkPad Settings Dependency (HKLM\...\{08515684-CE49-47EF-B509-326A2E91BC5C}_is1) (Version: 3.0.1.29 - Lenovo) Hidden
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
TrayApp (HKLM-x32\...\{5ACE69F0-A3E8-44eb-88C1-0A841E700180}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
USB Disk Storage Format Tool 5.1 (HKLM\...\USB Disk Storage Format Tool_is1) (Version: - Authorsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
WebReg (HKLM-x32\...\{CCB9B81A-167F-4832-B305-D2A0430840B3}) (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Intel (e1dexpress) Net (07/02/2013 12.9.16.0) (HKLM\...\023677FE062B918F6118988706661111844C0205) (Version: 07/02/2013 12.9.16.0 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC (08/01/2013 12.8.0.1016) (HKLM\...\C8A921233C0C441A4E4EAABC2AB08C872FD77A6E) (Version: 08/01/2013 12.8.0.1016 - Intel Corporation)
Windows Driver Package - Lenovo 1.67.04.04 (11/07/2013 1.67.04.04) (HKLM\...\70FB73D983446AEE2932B0ED51A770D1BD1348DA) (Version: 11/07/2013 1.67.04.04 - Lenovo)
Windows Driver Package - Synaptics (SmbDrv) System (10/23/2013 17.0.12.52) (HKLM\...\546FF7E8ABB3021DB74C663BFEAB0780589F2990) (Version: 10/23/2013 17.0.12.52 - Synaptics)
Windows Driver Package - Synaptics (SynTP) Mouse (10/23/2013 17.0.12.52) (HKLM\...\D4AF752691BC44E5CA6E33BDDD57F0845B4AEBFE) (Version: 10/23/2013 17.0.12.52 - Synaptics)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare)
Xerox PowerENGAGE (HKLM-x32\...\{171BF116-713F-43AA-B236-D6188522E609}) (Version: 2.52.0016 - Xerox Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\lenovo\Dropbox [2016-05-10 11:34]
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-05-18] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-17] (LENOVO -> Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-10-17] (LENOVO -> Lenovo)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-04-23] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-03-19] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Compressor\PDF Compressor Website.lnk -> hxxp://www.pdfcompressor.org

==================== Loaded Modules (Whitelisted) ==============

2016-01-22 13:55 - 2012-06-14 18:18 - 000359936 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2016-03-01 15:37 - 2009-09-22 20:44 - 000022016 _____ (Hewlett-Packard Company) [File not signed] C:\WINDOWS\System32\hppfaxprintermon5.dll
2008-03-03 14:36 - 2008-03-03 14:36 - 000331264 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\HpTcpMon.dll
2008-03-03 14:36 - 2008-03-03 14:36 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\System32\HPTcpMUI.dll
2005-04-08 02:27 - 2005-04-08 02:27 - 000132096 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hpzjrd01.dll
2008-03-03 14:35 - 2008-03-03 14:35 - 000153088 _____ (Hewlett Packard) [File not signed] C:\WINDOWS\System32\hptcpmib.dll
2016-04-15 13:54 - 2014-02-05 13:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000335872 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
2018-06-14 01:36 - 2017-05-05 17:49 - 000198144 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppCommon.dll
2018-06-14 01:36 - 2015-02-27 10:35 - 000489984 _____ (Newtonsoft) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\Newtonsoft.Json.dll
2018-06-14 01:36 - 2017-05-05 17:49 - 000087552 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppCollect.dll
2016-09-30 14:40 - 2018-04-30 14:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-03-01 15:37 - 2009-09-22 20:39 - 003700736 ____N (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HP Color LaserJet CM2320 MFP Series\hppfaxprintersrv.exe
2007-11-06 21:16 - 2007-11-06 21:16 - 000139264 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000184320 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2003-03-18 23:23 - 2003-03-18 23:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2006-10-26 14:40 - 2006-10-26 14:40 - 000192512 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\msdbg2.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000217088 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2007-10-14 20:38 - 2007-10-14 20:38 - 000159744 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpquio08.dll
2007-10-14 20:38 - 2007-10-14 20:38 - 000047616 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2007-10-14 20:38 - 2007-10-14 20:38 - 000098304 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtao08.dll
2008-01-03 20:24 - 2008-01-03 20:24 - 000077824 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotradd.dll
2007-10-14 20:43 - 2007-10-14 20:43 - 000303104 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2007-11-06 21:16 - 2007-11-06 21:16 - 000061440 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddusr.dll
2007-10-14 20:43 - 2007-10-14 20:43 - 000405504 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2018-05-20 21:25 - 2018-05-20 21:25 - 000097280 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d1cb102c435421de\ATL80.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-03-15 20:12 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

2018-10-20 09:02 - 2018-11-02 04:46 - 000000439 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Lenovo\Fingerprint Manager Pro\;C:\ProgramData\Lenovo\ReadyApps;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Users\lenovo\AppData\Local\Microsoft\WindowsApps;C:\adb;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lenovo\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{0659d0a4-071d-419a-a7e4-a69bdb08fb88}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "ThinkPad OneLink Dock Management.lnk"
HKLM\...\StartupApproved\StartupFolder: => "avast! SecureLine.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\StartupApproved\Run: => "com.squirrel.slack.slack"
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\...\StartupApproved\Run: => "Skype for Desktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{AC74DD7F-7265-48B4-ADBE-67CA8E02A4DD}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Block) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [TCP Query User{0706CD60-A573-4B7F-98F7-F660903F2D7D}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Block) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [{DA382CE0-8502-4085-AD22-527AA2C5EC3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{60F98C6B-49B2-4A79-831C-E90E761AA7C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{F7F8F28F-9E6E-437F-A372-71A7D1B1C75C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{33F44F99-5703-41BB-8D86-6A72AAE2F7F5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [UDP Query User{F7DBC04A-52F8-42B1-8F94-B655362FD2B2}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{107FAA4D-7105-4CFF-A82B-5B1C42731A2A}C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe] => (Allow) C:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [UDP Query User{4028E688-885D-418F-82B7-081ECED943E0}C:\ingapps\nn_ekalkulacka_nn_cz\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\ingapps\nn_ekalkulacka_nn_cz\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{C6E52831-CB8F-43C4-BC9E-65D104024159}C:\ingapps\nn_ekalkulacka_nn_cz\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\ingapps\nn_ekalkulacka_nn_cz\jre1.8.0_91\bin\javaw.exe
FirewallRules: [{4F77EEEE-81E6-4CF4-9DF8-8C3E6B00181D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7CB92141-D609-431D-8CE4-26372E1B080C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C662CC68-8E73-4A20-84F9-C4FE2E0202DA}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{EA156D7A-75D8-4B8D-9718-D4D5EFB0038C}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{00502890-148A-495A-933E-A78A1BD3ED58}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{24F88549-FFAD-45E8-9E06-9726021ACF6E}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{A3249F07-0179-434A-AC65-B636B58A99A1}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{FDDD7C48-B948-4327-B90C-A3F842867EA9}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{035BBD4E-090E-498E-9E88-C93766A331C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BAD5002C-B00D-4385-90DA-8D433843F892}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{A06FDF17-E468-4EC8-A799-EC5838975668}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File
FirewallRules: [TCP Query User{DF0350C9-AA60-4DCA-86C4-F571E54EBD90}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe No File
FirewallRules: [{1CE21B52-6AA9-4F59-BC0B-F42CC3484A6F}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
FirewallRules: [{887B2B59-30BB-432D-A0E1-2B9B0EAFB83E}] => (Allow) C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
FirewallRules: [{2365181D-B8E3-415F-885A-CFC29D57A613}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{F114F6AB-1990-4B6C-A054-459D5E3CA881}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{6B53777F-4D18-410C-876F-2E05DF703C99}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe No File
FirewallRules: [{9AF66228-AC06-4535-98FC-72F74F1D4C1A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe No File
FirewallRules: [{3585F7DD-1400-40FE-89FF-33D7B9322D75}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe No File
FirewallRules: [{BA1A64F9-52F3-4473-8751-1F8C602FC693}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe No File
FirewallRules: [{91F46B7C-DFEC-4010-A055-389A1F23B204}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe No File
FirewallRules: [{3A855037-6714-439D-9744-A38ACBCFE129}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe No File
FirewallRules: [TCP Query User{78C58710-7BC2-4B21-A884-FDEF1C806CF6}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed]
FirewallRules: [UDP Query User{20DC3999-337E-4F91-9A1D-717949549D77}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe (www.sopcast.com) [File not signed]
FirewallRules: [{15BC1244-4FEB-4B00-B230-7649DC7DBFF8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{C41F91A1-0CB1-4D8B-B04C-D0081A297F29}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{3B5CA37F-08EB-40EE-A34E-1C844130D518}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
FirewallRules: [{410E9794-7140-415F-824C-DEFC52191EBE}] => (Allow) C:\Program Files\VueScan\vuescan.exe (Hamrick Software -> Hamrick Software)
FirewallRules: [TCP Query User{494F7991-BBD8-4815-B277-2B304D639FC0}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [UDP Query User{76EC1270-D160-4E9A-857E-ECD35E5D11F2}C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin64\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [TCP Query User{44FDE678-C0B0-4FF5-9743-B5CA4CC7415D}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [UDP Query User{FBEA040C-2BAB-49C4-AEF6-737435534816}C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 8\bin\ninjatrader.exe (NinjaTrader) [File not signed]
FirewallRules: [TCP Query User{9E6A7C88-A7FD-431A-90F3-3E465DD15639}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe (NinjaTrader LLC, hxxp://www.ninjatrader.com) [File not signed]
FirewallRules: [UDP Query User{8ED3A997-2E32-4B93-BE97-478599213B86}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe (NinjaTrader LLC, hxxp://www.ninjatrader.com) [File not signed]
FirewallRules: [TCP Query User{0FF6CAB5-4391-4D81-A3BC-BA94CD11383E}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe (NinjaTrader LLC, hxxp://www.ninjatrader.com) [File not signed]
FirewallRules: [UDP Query User{C69997AD-8EAF-4BD9-B164-0A8D8CA14D0A}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe (NinjaTrader LLC, hxxp://www.ninjatrader.com) [File not signed]
FirewallRules: [TCP Query User{91CD5C3B-1532-471B-A0C9-E01BADAB8B06}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe (NinjaTrader LLC, hxxp://www.ninjatrader.com) [File not signed]
FirewallRules: [UDP Query User{B4519D6A-9BEE-42DB-A88F-537576214977}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe (NinjaTrader LLC, hxxp://www.ninjatrader.com) [File not signed]
FirewallRules: [{7C680511-A13B-4FA6-87F6-52BBB24C2319}] => (Allow) LPort=9422
FirewallRules: [{A9AE438F-7C8A-4AFC-B933-EE0BF849078E}] => (Allow) LPort=9245
FirewallRules: [{0D30167E-A428-4465-BE02-768C620476A0}] => (Allow) LPort=9246
FirewallRules: [{3A9920BA-A28E-4CDF-B800-405ED01C51FC}] => (Allow) LPort=9247
FirewallRules: [{3DFBE411-3800-4C0C-9BF8-98E9E14320FC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7D4F16AF-117E-4DED-AB9B-8BD764014EDB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0185EF25-2B82-4AE0-850B-054467FC21CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3147213-1C54-4773-A790-23FB1B76DDDB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{28035F09-D9F0-4F23-B413-7D11CB3C0F98}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{63BC9CE9-B523-45FE-B3FC-851DA6915390}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39ECE275-EE11-4A95-80A3-0D0E3E5CA6F7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{71CF06C8-1A8B-4B77-9328-A6B4B3923224}] => (Allow) LPort=3702
FirewallRules: [{3742DE7F-8389-48C8-A30F-7C3C12D22705}] => (Allow) LPort=9244
FirewallRules: [{3CE470B2-8D30-42EF-A4EF-841FB3B796DA}] => (Allow) LPort=9444
FirewallRules: [{BA27E26E-B5AC-40AA-9111-EEF3BF3B6586}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3CB42F8E-A119-474C-B4C9-23914C56E392}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6D137DBD-C92A-4C70-A1EC-A106F654EE97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0D7CA798-04D0-498A-B4F8-308FF1EC4B74}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D5CE4AA6-EA3E-4216-981B-10BCBA40562E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{87B32E2D-3421-439A-97EE-9574D3B81D13}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B07761DF-4F84-4264-9ECA-30775FB79C65}] => (Allow) %systemroot%\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A29DCD6B-6203-478E-B239-A6E652909B9A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{33AFAC4F-E370-46D8-B11A-0B7307A423E9}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{4711E72C-1577-4780-8DFF-4DF51CC2ED62}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe (Lenovo -> )
FirewallRules: [{7B29147A-030D-43A0-9B27-7DC9AEDB7934}] => (Allow) C:\Program Files\Opera\58.0.3135.118\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{873D0F4C-A778-4410-A5EF-412DAE3E5933}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{1FF79A0C-7EA5-4496-8A9B-CFCCF56FC5B3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{7F1018D3-8AB2-49B3-849A-35FA76A54E45}] => (Allow) C:\Program Files\Opera developer\61.0.3290.0\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{27F285C6-5C67-477E-A97A-2CE80AFAA264}] => (Allow) C:\Program Files\Opera developer\61.0.3296.0\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{84736895-2736-4152-841E-9B80DFD7C2BA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/28/2019 09:42:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VpnUpdate.exe, verze: 5.2.429.0, časové razítko: 0x5c628c6f
Název chybujícího modulu: VpnUpdate.exe, verze: 5.2.429.0, časové razítko: 0x5c628c6f
Kód výjimky: 0xc0000409
Posun chyby: 0x000dacad
ID chybujícího procesu: 0x1b00
Čas spuštění chybující aplikace: 0x01d4fdfa80e526af
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
ID zprávy: 45cd5144-2f77-4454-9055-a9b245384bc4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/28/2019 09:42:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x1298
Čas spuštění chybující aplikace: 0x01d4fc34a03e4cc4
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: b357e11d-43df-48dd-8d66-3a34e3719393
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/26/2019 03:24:06 PM) (Source: NfcwEventProvider) (EventID: 259) (User: )
Description: Event-ID 259

Error: (04/26/2019 03:05:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VpnUpdate.exe, verze: 5.2.429.0, časové razítko: 0x5c628c6f
Název chybujícího modulu: VpnUpdate.exe, verze: 5.2.429.0, časové razítko: 0x5c628c6f
Kód výjimky: 0xc0000409
Posun chyby: 0x000dacad
ID chybujícího procesu: 0x45d8
Čas spuštění chybující aplikace: 0x01d4fc30b642b4e0
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
ID zprávy: 6259b87c-dac7-4634-a3cc-35dc1fd94dc9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/26/2019 03:02:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: VpnUpdate.exe, verze: 5.2.429.0, časové razítko: 0x5c628c6f
Název chybujícího modulu: VpnUpdate.exe, verze: 5.2.429.0, časové razítko: 0x5c628c6f
Kód výjimky: 0xc0000409
Posun chyby: 0x000dacad
ID chybujícího procesu: 0x1664
Čas spuštění chybující aplikace: 0x01d4fc304df0c123
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe
ID zprávy: 66c0ee5f-5459-46cd-9768-6fb546c0803a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/26/2019 07:29:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.556, časové razítko: 0xf23cada5
Název chybujícího modulu: NotificationController.dll, verze: 10.0.17134.165, časové razítko: 0xe0385185
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007a24d
ID chybujícího procesu: 0x218c
Čas spuštění chybující aplikace: 0x01d4fb6d7b5c0e81
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\NotificationController.dll
ID zprávy: b180d924-6ff6-4996-af4e-ac81fbd4b1c2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/26/2019 06:16:32 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.

Error: (04/26/2019 06:16:32 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Objekt nebo vlastnost nebyly nalezeny.


System errors:
=============
Error: (04/28/2019 09:42:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_265adb byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/27/2019 03:41:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (04/27/2019 03:41:53 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Ericsson N5321 gw, {1B6D0492-744F-403A-B7E4-E2EF69C3989B}, došlo k události 71.

Error: (04/27/2019 03:11:45 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Ericsson N5321 gw, {1B6D0492-744F-403A-B7E4-E2EF69C3989B}, došlo k události 71.

Error: (04/26/2019 04:07:00 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Na miniportu Ericsson N5321 gw, {1B6D0492-744F-403A-B7E4-E2EF69C3989B}, došlo k události 71.

Error: (04/26/2019 07:29:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_265adb byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (04/26/2019 07:29:44 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Ericsson N5321 gw, {1B6D0492-744F-403A-B7E4-E2EF69C3989B}, došlo k události 71.

Error: (04/26/2019 07:19:09 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
Description: Na miniportu Ericsson N5321 gw, {1B6D0492-744F-403A-B7E4-E2EF69C3989B}, došlo k události 71.


Windows Defender:
===================================
Date: 2019-04-17 10:24:21.140
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_D:\install\Microsoft Office 2016 + Čeština + Aktivátor\Microsoft Office 2016\Microsoft Office 2016\Setup.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Lenovo-PC\lenovo
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.291.2103.0, AS: 1.291.2103.0, NIS: 1.291.2103.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1

Date: 2019-04-11 11:45:46.984
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {5FD39C49-A4C1-4D78-9B92-41F261D774DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-11 11:16:37.004
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {62C82EAC-F917-4023-916E-3958555F02E8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-11 11:06:06.447
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {701A0E6B-5862-405A-B161-D29EA0F43053}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-04 15:26:05.752
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {36406970-4716-4164-AB5F-053EA49D2ECE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-26 15:12:42.890
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.293.157.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15900.4
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2019-04-28 21:57:34.912
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:57:34.910
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:57:23.745
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:57:23.742
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:47:02.589
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:47:02.587
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:46:59.813
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-28 21:46:59.810
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO GRET45WW (1.22 ) 08/31/2015
Motherboard: LENOVO 20A7003UMC
Processor: Intel(R) Core(TM) i7-4550U CPU @ 1.50GHz
Percentage of memory in use: 55%
Total physical RAM: 8087.78 MB
Available physical RAM: 3574.04 MB
Total Virtual: 10391.78 MB
Available Virtual: 4835.15 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:113.11 GB) (Free:20.2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (data) (Fixed) (Total:105.26 GB) (Free:25.9 GB) NTFS

\\?\Volume{5e7663c8-828b-4aa3-a9b8-9e38811d4849}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.64 GB) NTFS
\\?\Volume{e4c96c1c-45aa-4d3c-8ecf-5eb33417e3cf}\ (Lenovo_Recovery) (Fixed) (Total:11.75 GB) (Free:4.66 GB) NTFS
\\?\Volume{50943a13-e6cc-4287-98e2-760f273f40ad}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================
Přílohy
reklama1.JPG
reklama1.JPG (33.59 KiB) Zobrazeno 3951 x
_________________________________________________________________
RSIT | MWAV | CCleaner

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Preventivka

#17 Příspěvek od Conder »

Ahoj :)

:arrow: Podla toho screenu to vyzera na zapnute webove notifikacie/upozornenia od reklamnych stranok v Google Chrome. Otvor Chrome a chod do Nastaveni -> (uplne dole) Rozsirene -> Nastavenia webu -> Upozornenia -> v casti Povolene odstran vsetky webove stranky, ktore nepoznas a od ktorych nechces dostavat upozornenia. Takisto skontroluj, ci je tam zapnuta moznost "Spytat sa pred odoslanim" - ak nie, tak ju zapni.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#18 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#19 Příspěvek od dinospages »

Conderovu radu jsem zatím nedělal.

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-30-2019
# Duration: 00:00:12
# OS: Windows 10 Pro
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Pokki
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Pokki

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1408 octets] - [30/04/2019 12:01:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
_________________________________________________________________
RSIT | MWAV | CCleaner

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#20 Příspěvek od Rudy »

Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#21 Příspěvek od dinospages »

viz priloha
Přílohy
Desktop.zip
(35.76 KiB) Staženo 155 x
_________________________________________________________________
RSIT | MWAV | CCleaner

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#22 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {C2627A16-2C4C-4A7B-870A-47C96616CAE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
Task: {C78E8536-F996-43BB-865E-01618817E6E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001 -> DefaultScope {E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} URL =
SearchScopes: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001 -> {E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{C662CC68-8E73-4A20-84F9-C4FE2E0202DA}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{EA156D7A-75D8-4B8D-9718-D4D5EFB0038C}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{00502890-148A-495A-933E-A78A1BD3ED58}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{24F88549-FFAD-45E8-9E06-9726021ACF6E}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{A3249F07-0179-434A-AC65-B636B58A99A1}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{FDDD7C48-B948-4327-B90C-A3F842867EA9}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{6B53777F-4D18-410C-876F-2E05DF703C99}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe No File
FirewallRules: [{9AF66228-AC06-4535-98FC-72F74F1D4C1A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe No File
FirewallRules: [{3585F7DD-1400-40FE-89FF-33D7B9322D75}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe No File
FirewallRules: [{BA1A64F9-52F3-4473-8751-1F8C602FC693}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe No File
FirewallRules: [{91F46B7C-DFEC-4010-A055-389A1F23B204}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe No File
FirewallRules: [{3A855037-6714-439D-9744-A38ACBCFE129}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe No File

EmptyTemp:
Hosts:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#23 Příspěvek od dinospages »

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-05.2019
Ran by lenovo (02-05-2019 12:03:02) Run:1
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {C2627A16-2C4C-4A7B-870A-47C96616CAE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
Task: {C78E8536-F996-43BB-865E-01618817E6E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001 -> DefaultScope {E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} URL =
SearchScopes: HKU\S-1-5-21-1864349024-1291946563-1421522111-1001 -> {E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} URL =
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
FirewallRules: [{C662CC68-8E73-4A20-84F9-C4FE2E0202DA}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{EA156D7A-75D8-4B8D-9718-D4D5EFB0038C}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{00502890-148A-495A-933E-A78A1BD3ED58}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{24F88549-FFAD-45E8-9E06-9726021ACF6E}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{A3249F07-0179-434A-AC65-B636B58A99A1}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{FDDD7C48-B948-4327-B90C-A3F842867EA9}] => (Allow) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe No File
FirewallRules: [{6B53777F-4D18-410C-876F-2E05DF703C99}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe No File
FirewallRules: [{9AF66228-AC06-4535-98FC-72F74F1D4C1A}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbService.exe No File
FirewallRules: [{3585F7DD-1400-40FE-89FF-33D7B9322D75}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe No File
FirewallRules: [{BA1A64F9-52F3-4473-8751-1F8C602FC693}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBConsoleUI.exe No File
FirewallRules: [{91F46B7C-DFEC-4010-A055-389A1F23B204}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe No File
FirewallRules: [{3A855037-6714-439D-9744-A38ACBCFE129}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe No File

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2627A16-2C4C-4A7B-870A-47C96616CAE8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2627A16-2C4C-4A7B-870A-47C96616CAE8}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C78E8536-F996-43BB-865E-01618817E6E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C78E8536-F996-43BB-865E-01618817E6E5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1864349024-1291946563-1421522111-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} => removed successfully
HKLM\Software\Classes\CLSID\{E3CB11C0-1568-4F4A-9CCA-8A146D8487C5} => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C662CC68-8E73-4A20-84F9-C4FE2E0202DA}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA156D7A-75D8-4B8D-9718-D4D5EFB0038C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00502890-148A-495A-933E-A78A1BD3ED58}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{24F88549-FFAD-45E8-9E06-9726021ACF6E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A3249F07-0179-434A-AC65-B636B58A99A1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FDDD7C48-B948-4327-B90C-A3F842867EA9}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6B53777F-4D18-410C-876F-2E05DF703C99}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AF66228-AC06-4535-98FC-72F74F1D4C1A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3585F7DD-1400-40FE-89FF-33D7B9322D75}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA1A64F9-52F3-4473-8751-1F8C602FC693}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91F46B7C-DFEC-4010-A055-389A1F23B204}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3A855037-6714-439D-9744-A38ACBCFE129}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10772480 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 45358463 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 205152974 B
Edge => 38984 B
Chrome => 335644853 B
Firefox => 0 B
Opera => 66976752 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 191906850 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 95856 B
NetworkService => 0 B
lenovo => 247612079 B

RecycleBin => 9629952 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:05:08 ====
_________________________________________________________________
RSIT | MWAV | CCleaner

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#24 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#25 Příspěvek od dinospages »

reklamy vyskakují stále dál mám udělat to co mi radil na začátku conder?

Dále se zeptám o co jde, existuje nejaky vir ktery se tváří jako zprava z ruzných messengeru (spíše než zpráva reklama), která způsobí nař odposlech z mikrofonu daného zařízení (mobil notebook)

Díky za echo

Zřejmě to tedy není můj případ, ale existuje něco takového?
_________________________________________________________________
RSIT | MWAV | CCleaner

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#26 Příspěvek od Rudy »

Vir, který působí na mikrofon neznám. Zkusíme ještě vyčistit prohlížeče. Spusťte postupně tyto utility:

1.
Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#27 Příspěvek od dinospages »

Hotovo, u známých na mobilu to také vyskakuje a vypadá to jako zpráva např z whatsapp, nebo messengeru nebo signalu, ale pry je to také od chrome jen se to tváří jako zprávy z daných messengerů. Nemusejí se tedy bát že je někdo monitoruje či odposlouchává komunikaci skrze tyto messengery?


log ze zoek byl prilis dlouhy proto jej zasilam jako prilohu


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by lenovo (Administrator) on p  03. 05. 2019 at 12:27:04,29
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Lenovo Power Management Driver PnP Task (Task)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on p  03. 05. 2019 at 12:29:41,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Přílohy
zoek-results.zip
(9.45 KiB) Staženo 107 x
_________________________________________________________________
RSIT | MWAV | CCleaner

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118193
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Preventivka

#28 Příspěvek od Rudy »

Dosud jsme nezaznamenali, že by reklama někoho sledovala. Zde bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#29 Příspěvek od dinospages »

Reklama mi stále naskakuje mozna v mensi mire ale stale se to objevuje.
_________________________________________________________________
RSIT | MWAV | CCleaner

dinospages
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 240
Registrován: 20 črc 2006 11:33

Re: Preventivka

#30 Příspěvek od dinospages »

jeste jsem stále neudělal tu radu od Condera tzn v nastavení chromu odtsranit upozorneni u webů které nechci.

Je tam vidět i ten od ktereho chodej ty reklamy: nclubs.xyz
_________________________________________________________________
RSIT | MWAV | CCleaner

Odpovědět