PC virus removal, computer speed-up, and remote help through the neslape.cz service

Checkup

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Checkup

#1 Post by vovsova »

Hi / Good day.

Please check my log.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petra at 2018-08-06 13:24:39
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 43 GB (9%) free of 460 GB
Total RAM: 3983 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:24:44, on 06/08/2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18838)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
C:\Program Files\trend micro\Petra.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - (no file)
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: IEPlugin - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - (no file)
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-372936869-4241919955-545115080-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-372936869-4241919955-545115080-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Odeslat do zaoízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zaoízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: %1!s! Update Service (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: %1!s! Update Service (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\Windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Lenovo Doze Mode Service (DozeSvc) - Lenovo. - C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: FLEXnet Licensing Service 64 - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HyperW7 Service (HyperW7Svc) - Lenovo Group Limited - C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
O23 - Service: Lenovo PM Service (IBMPMSVC) - Unknown owner - C:\Windows\system32\ibmpmsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Lenovo Camera Mute (LENOVO.CAMMUTE) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
O23 - Service: Lenovo Microphone Mute (LENOVO.MICMUTE) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
O23 - Service: Lenovo Keyboard Noise Reduction (LENOVO.TPKNRSVC) - Lenovo Group Limited - C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
O23 - Service: Lenovo Auto Scroll (Lenovo.VIRTSCRLSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Lenovo Platform Service (LPlatSvc) - Unknown owner - C:\Windows\system32\LPlatSvc.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GbR - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: Power Manager DBC Service - Lenovo - C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\Windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Unknown owner - C:\Windows\System32\TPHDEXLG64.exe (file missing)
O23 - Service: Lenovo Hotkey Client Loader (TPHKLOAD) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
O23 - Service: On Screen Display (TPHKSVC) - Lenovo Group Limited - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VIPAppService - Symantec Corporation - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13232 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\ibmpmsvc.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-97d3d023-a28d-46a4-89e7-db8ee93e4b0b -SystemEventPortName:HostProcess-520bd352-0018-4600-aabb-8a591288cd08 -IoCancelEventPortName:HostProcess-b29db18d-9719-4149-81da-f97ee7e6ce77 -NonStateChangingEventPortName:HostProcess-6999184b-9a36-44a5-a774-f22fe4463c28 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:2be7545a-ce41-4329-a93f-2f4328cdc8ec -DeviceGroupId:
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 30120800
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-1771122713-199588815614861746941587674803-37206499119844846744389060895321265
"C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe"
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
"C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe"
C:\Windows\system32\CxAudMsg64.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe"
"C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe"
"C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe"
"C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe"
"C:\Program Files (x86)\PDF Architect\HelperService.exe"
"C:\Program Files (x86)\PDF Architect\ConversionService.exe"
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SAsrv.exe
"C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2452
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe
taskhost.exe USER
taskeng.exe {7E4D956B-1D23-490B-8D4F-0953D68C0552}
"C:\Windows\system32\Dwm.exe"
C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe
C:\Windows\Explorer.EXE
"\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Windows\System32\TpShocks.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPLpr.exe"
"C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe" /start
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\msiexec.exe /V
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor

C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Petra\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petra\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=67.0.3396.99 --initial-client-data=0xc4,0xc8,0xcc,0xc0,0xd0,0x7fef4723228,0x7fef4723238,0x7fef4723248
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1820 --on-initialized-event-handle=380 --parent-handle=396 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1304,15435780180066937897,6085949315699547820,131072 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=CEF960178FB5A8001187F7FB7906B45D --mojo-platform-channel-handle=1320 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15435780180066937897,6085949315699547820,131072 --service-pipe-token=F22F08A4786B82CE3084D56317903857 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=F22F08A4786B82CE3084D56317903857 --renderer-client-id=3 --mojo-platform-channel-handle=2416 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15435780180066937897,6085949315699547820,131072 --service-pipe-token=6175B772CFA23A223027347C0408C556 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=6175B772CFA23A223027347C0408C556 --renderer-client-id=10 --mojo-platform-channel-handle=1076 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15435780180066937897,6085949315699547820,131072 --service-pipe-token=05EE0DD24406D5A31D69E22BA64DF964 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=05EE0DD24406D5A31D69E22BA64DF964 --renderer-client-id=22 --mojo-platform-channel-handle=1068 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15435780180066937897,6085949315699547820,131072 --service-pipe-token=599FCEF87B5EDCDCA2451E3D3D01530C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=599FCEF87B5EDCDCA2451E3D3D01530C --renderer-client-id=23 --mojo-platform-channel-handle=2500 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1304,15435780180066937897,6085949315699547820,131072 --service-pipe-token=EF9E0623EEDDBD1B296D62833601E43E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=EF9E0623EEDDBD1B296D62833601E43E --renderer-client-id=25 --mojo-platform-channel-handle=1940 /prefetch:1
"C:\Users\Petra\Downloads\RSITx64 (3).exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\SystemToolsDailyTest.job - C:\Program Files\PC-Doctor\uaclauncher.exe -silentenumeration -st SystemToolsDailyTest --ignoresecondarysplash --runsilently

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-04-05 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2011-07-12 2417264]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-04-05 812248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6}]
Symantec VIP Access Add-On

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe [2011-03-14 316032]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-03-10 167960]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-03-10 391704]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-03-10 418840]
"TpShocks"=C:\Windows\system32\TpShocks.exe [2010-12-09 380776]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-07-18 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-06-24 18385368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Creative Cloud]
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-09-17 2292912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-09-23 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04 508104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeBridge]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ALCKRESI.EXE]
C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [2011-02-28 281448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2018-06-24 18385368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnecitfyTemp 3]
cmd /Q /C rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\3 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ConnecitfyTemp 5]
cmd /Q /C rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\5 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
C:\Program Files\Logitech\SetPointP\SetPoint.exe [2011-06-24 1744152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlashPlayerUpdate]
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_191_ActiveX.exe -update activex []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ForteConfig]
C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IMSS]
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2011-01-17 112152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-04-08 319152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lenovo Registration]
C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [2011-02-09 4309184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LENOVO.TPKNRRES]
C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [2011-04-05 41320]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogiScrollApp]
C:\Program Files\Logitech\ScrollApp\KhalScroll.exe [2011-09-16 50456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-12-22 1804432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2015-12-22 2168976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWMTRV]
rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RotateImage]
C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [2008-10-31 55808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24 2963184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\ThinkPad\BLUETO~1\BTTray.exe [2010-12-19 1202976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk]
C:\PROGRA~2\COMMON~1\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE [2010-12-13 1198592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-03-06 385024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2011-06-17 68376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll [2010-12-08 135504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-08-06 13:07:49 ----A---- C:\Windows\system32\aswBoot.exe
2018-08-01 14:35:13 ----D---- C:\Users\Petra\AppData\Roaming\TeamViewer

======List of files/folders modified in the last 1 month======

2018-08-06 23:04:37 ----D---- C:\Windows\Tasks
2018-08-06 23:04:37 ----D---- C:\Windows\SysWOW64
2018-08-06 23:04:37 ----D---- C:\Windows\system32\wfp
2018-08-06 23:04:37 ----D---- C:\Windows\system32\DriverStore
2018-08-06 23:04:37 ----D---- C:\Windows\system32\catroot2
2018-08-06 23:04:36 ----D---- C:\Windows\system32\drivers\etc
2018-08-06 23:04:31 ----D---- C:\Windows\system32\wbem
2018-08-06 23:04:31 ----D---- C:\Windows\registration
2018-08-06 22:59:09 ----SHD---- C:\System Volume Information
2018-08-06 22:52:56 ----D---- C:\Windows\system32\LogFiles
2018-08-06 13:24:44 ----D---- C:\Windows\Prefetch
2018-08-06 13:24:43 ----D---- C:\Program Files\trend micro
2018-08-06 13:24:26 ----D---- C:\Windows\Temp
2018-08-06 13:18:23 ----D---- C:\Users\Petra\AppData\Roaming\XnView
2018-08-06 13:18:17 ----D---- C:\Windows\inf
2018-08-06 13:18:17 ----D---- C:\Windows
2018-08-06 13:17:40 ----D---- C:\Windows\system32\config
2018-08-06 13:17:17 ----SHD---- C:\Windows\Installer
2018-08-06 13:09:42 ----A---- C:\Windows\SYSWOW64\log.txt
2018-08-06 13:09:06 ----D---- C:\Windows\system32\Tasks
2018-08-06 13:08:55 ----D---- C:\Windows\system32\drivers
2018-08-06 13:07:49 ----D---- C:\Windows\System32
2018-08-06 13:06:32 ----D---- C:\ProgramData\NVIDIA
2018-07-30 12:42:21 ----A---- C:\Windows\system32\drivers\asw73ab98168cfd045f.tmp
2018-07-19 15:22:12 ----D---- C:\FRST
2018-07-19 15:20:00 ----D---- C:\Users\Petra\AppData\Roaming\vlc
2018-07-18 13:53:59 ----SHD---- C:\$RECYCLE.BIN
2018-07-18 13:52:19 ----RD---- C:\Program Files (x86)
2018-07-18 13:51:40 ----D---- C:\Users\Petra\AppData\Roaming\ICQ
2018-07-18 13:40:14 ----HD---- C:\ProgramData
2018-07-18 13:39:03 ----D---- C:\ProgramData\Skype
2018-07-18 13:39:02 ----SHD---- C:\Config.Msi
2018-07-18 13:39:01 ----D---- C:\Program Files (x86)\Common Files
2018-07-18 13:23:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2018-07-18 13:23:22 ----D---- C:\Windows\system32\Macromed
2018-07-18 13:23:17 ----D---- C:\Windows\SYSWOW64\Macromed
2018-07-18 13:05:59 ----A---- C:\Windows\system32\drivers\asw215b41c02336e150.tmp
2018-07-18 13:05:58 ----A---- C:\Windows\system32\drivers\aswfb9d19d3e064e125.tmp
2018-07-18 13:05:58 ----A---- C:\Windows\system32\drivers\aswfb801b497f0b90b9.tmp
2018-07-18 13:05:58 ----A---- C:\Windows\system32\drivers\aswfa52e649194ffdfc.tmp
2018-07-18 13:05:58 ----A---- C:\Windows\system32\drivers\asw7118211740796563.tmp
2018-07-18 13:05:58 ----A---- C:\Windows\system32\drivers\asw3fa56c087eb24531.tmp
2018-07-18 13:05:57 ----A---- C:\Windows\system32\drivers\asw7197ed60a74dbdf9.tmp
2018-07-18 13:05:37 ----A---- C:\Windows\system32\drivers\aswc605913b6f497bac.tmp
2018-07-18 13:05:31 ----A---- C:\Windows\system32\drivers\aswa8c19d10d4622091.tmp
2018-07-18 13:05:28 ----A---- C:\Windows\system32\drivers\aswcb912a0654812373.tmp
2018-07-18 13:05:28 ----A---- C:\Windows\system32\drivers\aswba14fe913d993876.tmp
2018-07-18 13:05:28 ----A---- C:\Windows\system32\drivers\asw9a853319e1d7e1ca.tmp
2018-07-18 13:05:28 ----A---- C:\Windows\system32\drivers\asw1991368c466c5c67.tmp
2018-07-18 12:58:35 ----D---- C:\Windows\debug
2018-07-18 12:56:23 ----D---- C:\Program Files\CCleaner

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-07-18 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-07-18 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-07-18 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-07-18 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-18 381584]
R0 DzHDD64;DzHDD64; C:\Windows\System32\DRIVERS\DzHDD64.sys [2011-03-23 31344]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-12-22 40080]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 Shockprf;Shockprf; C:\Windows\System32\DRIVERS\Apsx64.sys [2010-12-16 139888]
R0 TPDIGIMN;TPDIGIMN; C:\Windows\System32\DRIVERS\ApsHM64.sys [2010-12-16 23664]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-07-18 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-07-18 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-07-18 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-07-18 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-07-18 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-07-30 467064]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 lenovo.smi;Lenovo System Interface Driver; C:\Windows\system32\DRIVERS\smiifx64.sys [2010-09-07 15472]
R1 nvkflt;nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [2015-12-22 308368]
R1 PHCORE;PHCORE; \??\C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS [2010-12-03 31592]
R1 TPPWRIF;TPPWRIF; C:\Windows\System32\drivers\Tppwr64v.sys [2011-03-23 14960]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-07-18 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-07-18 211160]
R2 risdxc;risdxc; C:\Windows\system32\DRIVERS\risdxc64.sys [2011-03-23 101376]
R2 smihlp;SMI Helper Driver (smihlp); \??\C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [2009-03-13 13840]
R3 5U877;USB Video Device; C:\Windows\system32\DRIVERS\5U877.sys [2011-03-05 166016]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2012-06-04 1580704]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2015-10-29 506880]
R3 IBMPMDRV;IBMPMDRV; C:\Windows\system32\DRIVERS\ibmpmdrv.sys [2016-04-22 82240]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-03-06 12264384]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2010-12-21 8505856]
R3 psadd;Lenovo Parties Service Access Device Driver; C:\Windows\system32\DRIVERS\psadd.sys [2009-12-02 40512]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2013-04-24 460528]
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2016-02-05 147904]
R3 TVTI2C;Lenovo SM bus driver; C:\Windows\system32\DRIVERS\Tvti2c.sys [2009-09-24 41536]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-07-18 46976]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2010-12-19 425000]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-12-19 145960]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2010-12-19 162344]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-12-19 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-12-19 21416]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys [2016-03-01 22704]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-04-30 66840]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-04-30 60184]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 pmxdrv;pmxdrv; \??\C:\Windows\system32\drivers\pmxdrv.sys [2011-08-09 31152]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-09-05 165504]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2016-04-25 221824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2011-01-25 18432]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-09-15 669872]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-07-18 322464]
R2 btwdins;Bluetooth Service; C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe [2010-12-19 962848]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 CxAudMsg;@C:\Windows\system32\CxAudMsg64.exe,-100; C:\Windows\system32\CxAudMsg64.exe [2010-12-17 198784]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-12-17 1515792]
R2 IBMPMSVC;Lenovo PM Service; C:\Windows\system32\ibmpmsvc.exe [2016-04-22 180736]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
R2 LENOVO.CAMMUTE;Lenovo Camera Mute; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [2011-04-05 40808]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [2010-11-24 45496]
R2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [2011-04-05 59240]
R2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [2010-04-07 93032]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-17 326168]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-11-05 1255544]
R2 PDF Architect Helper Service;PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [2013-01-09 1324104]
R2 PDF Architect Service;PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [2013-01-09 795208]
R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-12-17 836880]
R2 SAService;Conexant SmartAudio service; C:\Windows\system32\SAsrv.exe []
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2015-11-05 417400]
R2 TPHKSVC;On Screen Display; C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2010-12-02 64440]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-17 2656280]
R2 VIPAppService;VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-07-12 82544]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-07-18 7780400]
S2 avast;%1!s! Update Service (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-04-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-04-21 128648]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 HyperW7Svc;HyperW7 Service; C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe [2010-12-03 116072]
S2 LPlatSvc;Lenovo Platform Service; C:\Windows\system32\LPlatSvc.exe [2016-04-22 710144]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-05-15 1262400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12 271448]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 avastm;%1!s! Update Service (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05 164984]
S3 DozeSvc;Lenovo Doze Mode Service; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [2011-03-23 477032]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-01 1436424]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-03-21 867080]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2017-10-14 116224]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2011-06-17 359192]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-06 147400]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Power Manager DBC Service;Power Manager DBC Service; C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [2011-03-23 79208]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 TPHDEXLGSVC;ThinkPad HDD APS Logging Service; C:\Windows\System32\TPHDEXLG64.exe [2010-12-16 47728]
S3 TPHKLOAD;Lenovo Hotkey Client Loader; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [2010-12-03 114024]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-04-21 52856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-04-21 136312]

-----------------EOF-----------------
Lenovo THINKPAD T420

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Leave all findings checked
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

vovsova
Visitor
Posts: 45
Registered: 26 Sep 2005 19:49
Location: Far North

Re: Check

#3 Post by vovsova »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-07-25.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-06-2018
# Duration: 00:00:03
# OS: Windows 7 Professional
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\Petra\Downloads\SpyHunter-Installer.exe
Deleted C:\Windows\System32\drivers\EsgScanner.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\SpyHunter4.exe

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1460 octets] - [06/08/2018 14:38:59]
AdwCleaner[S01].txt - [1521 octets] - [06/08/2018 14:40:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#4 Post by Conder »

:arrow: Please post both FRST logs following this guide (FRST.txt and Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: If FRSTLauncher cannot be downloaded or run, use just FRST on its own.

:arrow: If the logs do not fit into a single post, pack them into a RAR or ZIP archive and send them as an attachment.

vovsova
Visitor
Posts: 45
Registered: 26 Sep 2005 19:49
Location: Far North

Re: Check

#5 Post by vovsova »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Petra (administrator) on PETRA-THINK (07-08-2018 12:26:52)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Farbar) C:\Users\Petra\Desktop\FRST64 (3).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-18] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\MountPoints2: {940c94c6-c2b0-11e0-a15b-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [185816 2015-12-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164008 2015-12-22] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C8C03687-8074-4019-A856-608B8206A041}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-372936869-4241919955-545115080-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-372936869-4241919955-545115080-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-04-05] (AVAST Software)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2011-07-12] (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-04-05] (AVAST Software)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt
FF Extension: (Logitech Scroll App) - C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt [2011-10-01] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-28] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (07-08-2018 12:28:48)
Running from C:\Users\Petra\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-01 00:14:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-372936869-4241919955-545115080-500 - Administrator - Disabled)
Guest (S-1-5-21-372936869-4241919955-545115080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-372936869-4241919955-545115080-1003 - Limited - Enabled)
Petra (S-1-5-21-372936869-4241919955-545115080-1001 - Administrator - Enabled) => C:\Users\Petra
UpdatusUser (S-1-5-21-372936869-4241919955-545115080-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArcGIS Desktop 10 (HKLM-x32\...\{64665955-E1A1-4A8B-BFFA-673A95318909}) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArchiCAD 15 R1 CZE (HKLM\...\001FFF2FFF15FF00FF1101F01F02F000-R1) (Version: 15.0 - Graphisoft)
AutoCAD 2011 - česky (HKLM\...\{5783F2D7-9001-0405-0102-0060B0CE6BBA}) (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - česky Version 2.1 (HKLM\...\AutoCAD 2011 - česky Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - česky (HKLM\...\{5783F2D7-9001-0405-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 67.1.664.100 - AVAST Software)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Čeština pro ArcGIS Desktop 10.0 SP3 (HKLM-x32\...\Čeština pro ArcGIS Desktop 10.0 SP3 1.0) (Version: 1.0 - ARCDATA PRAHA)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.890 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HEC-RAS 4.1.0 (HKLM-x32\...\{692F1402-6F45-42F3-9D82-9AAEFBFAD4A1}) (Version: 4.1.0 - Hydrologic Engineering Center)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Logitech Scroll App 2.0 (HKLM\...\Sn1) (Version: 2.00.43 - Logitech)
Logitech SetPoint 6.30 (HKLM\...\sp6) (Version: 6.30.43 - Logitech)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - )
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 cs)) (Version: 45.8.0 - Mozilla)
MPVAK_Zprac (HKLM-x32\...\{2F22E02D-A82B-4651-BE55-DE9739510B65}) (Version: 1.0.0 - V+WARE)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mview 11.22 "c:\MisysView\" (HKLM-x32\...\Mview_0) (Version: - )
NVIDIA nView 146.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.78 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
OpenOffice.org 3.3 (HKLM-x32\...\{10B43A43-FF73-47FD-83E8-A503E84F9ED6}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací panel NVIDIA 354.45 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 354.45 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) Hidden
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - ) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.141 - VeriSign)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (HKLM\...\4534F449D55EE49DEE206B3D9A3B1811E1A495EA) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)
Windows Driver Package - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XnView 1.98.8 (HKLM-x32\...\XnView_is1) (Version: 1.98.8 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-02-10] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2012-06-06] (Piriform Ltd)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-01-09] (pdfforge GbR)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-12-22] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-06] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2012-06-06] (Piriform Ltd)
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {0D7411C9-4E45-435B-9C1C-CFD28CB28439} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {3E876F37-83FE-46F4-B007-1087FEC4CAE1} - System32\Tasks\AdobeAAMUpdater-1.0-Petra-THINK-Petra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {5AFCAF84-5098-4B15-B29C-EA502A8E61C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-08] (AVAST Software)
Task: {5F901082-53FF-412C-A2CF-CE8E480FF9D7} - System32\Tasks\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {616288F0-19DD-4113-AE57-EB2258B847CE} - System32\Tasks\{7CABE866-ADE9-4085-AC65-5B008BA3F084} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\setup_basic_3500.exe -d C:\Users\Petra\Downloads
Task: {73EBF79E-C293-4857-9626-6F98CF40B361} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {77BE9395-1707-487B-B7B9-F0130FC6C891} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8B39CB01-FB29-4C32-AA8A-13A48B89430A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {90260AF4-FC52-4424-A20E-A454C7F5970B} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {95464A3B-BDE0-47FE-8375-1C06F1F6C031} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {9C2CEBB8-EE25-4423-8D56-08E8A1BD5070} - System32\Tasks\{4E1A3B1B-A57D-4BDF-8E89-BAB35166E82B} => C:\Program Files (x86)\HEC\HEC-RAS\4.1.0\ras.exe [2010-03-03] (Hydrologic Engineering Center)
Task: {A7A5977E-E523-43C6-89A7-44A5C654A7D7} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {AA85A015-C6BF-4F03-B35C-504FD9E0FACF} - System32\Tasks\vypnout => shutdown [Argument = -s]
Task: {B2D3C176-8718-451D-B696-88DCEC85EBDD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B38EFE42-45DB-423C-93CB-22ECB500F0DE} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D74E00FA-FA9A-4A78-BB39-6126DA74F355} - System32\Tasks\{CFBF3F30-5580-42C7-BACE-BD716591C1AD} => C:\Program Files (x86)\HEC\HEC-RAS\4.1.0\ras.exe [2010-03-03] (Hydrologic Engineering Center)
Task: {D88A0635-50F7-45EA-A9F8-C29727DC08E1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {DB5DF949-D6EE-4572-8E9B-F2361555EA42} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-18] (AVAST Software)
Task: {E0832DBE-B737-4C32-A093-C0E39007769F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {E31A8004-F2E7-4298-A4B6-4B8992A8AFF6} - System32\Tasks\{16E0A721-1928-4446-88B1-23698581B436} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/cs/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {EFAC98AC-4466-4F95-99D4-DDB77EFA156D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F1D05380-89B3-4F7F-B04B-9B799783321F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {F20A5CB7-F5E6-4BD8-B129-8B210A78779D} - System32\Tasks\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519\10UninstallUtility.exe -d C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519
Task: {FBD22A3B-DB42-400B-BC56-FCF8687D052C} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-12-17 22:53 - 2010-12-17 22:53 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-08-09 20:09 - 2015-12-22 11:33 - 000020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-11 20:02 - 2015-09-11 20:02 - 000803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-08-09 20:09 - 2011-03-06 13:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-06-24 13:26 - 2018-06-24 13:26 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-07-16 11:10 - 2015-11-05 13:51 - 000126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2009-05-28 07:09 - 2009-05-28 07:09 - 000049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2018-07-18 13:05 - 2018-07-18 13:05 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-06 19:07 - 2018-08-06 19:07 - 005896848 _____ () C:\Program Files\AVAST Software\Avast\defs\18080604\algo.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-07 12:20 - 2018-08-07 12:20 - 005896848 _____ () C:\Program Files\AVAST Software\Avast\defs\18080701\algo.dll
2018-04-05 14:16 - 2018-04-05 14:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2011-08-09 20:09 - 2015-12-22 11:33 - 000020808 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-03-03 23:45 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-372936869-4241919955-545115080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk => C:\Windows\pss\Logitech . Registrace produktu.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: ALCKRESI.EXE => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ConnecitfyTemp 3 => cmd /Q /C "rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\3"
MSCONFIG\startupreg: ConnecitfyTemp 5 => cmd /Q /C "rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\5"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_191_ActiveX.exe -update activex
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: LogiScrollApp => C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: nwiz => "C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" /installquiet
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{07F5F816-8FA3-4735-B9A3-5B929143FE88}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{F7ECF5B0-901E-4FAF-96E6-9F292FB3EE28}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{546F25B4-C8B0-46FC-9CC9-A1DF853A1145}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C324314F-2702-4D92-9C8E-38F0D58F2EE8}] => (Allow) LPort=2869
FirewallRules: [{39550C75-6348-4F82-ACC8-C153BCBE3653}] => (Allow) LPort=1900
FirewallRules: [{0926AF58-3445-4A17-BBD8-57B46BA33B47}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{89258838-BAF7-4B64-8F52-8BBDED0E0FE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C308A9B3-33EA-42E6-8471-36ED3271AFCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{85364B5E-C2F0-4654-9D05-2EBEE6FBD84E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{6131A5C7-CECE-4362-A2F2-064266A7073F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{BCA800F0-E5E2-4531-B02F-4FE62BB50F95}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{3F1FBCCA-986B-4D8F-9339-27CD378ECBD3}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{60AA9F1B-0FD6-45F3-987E-87EC96BDB1B7}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{D3B999F5-9876-4FCA-A664-568EFDD848B4}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{9511C09C-B480-466F-9A5B-9A6D4FBD182B}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [TCP Query User{F97EB85D-D68E-443C-A3FE-37B23A580712}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{4085A54C-BD8A-47BC-B3A3-79D82C6747C0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{705F6FB4-0739-4B05-A8B2-7A7F74A4047A}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsreport.exe
FirewallRules: [UDP Query User{00B72E0C-5224-4726-81B3-DF18067BF3B7}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsreport.exe
FirewallRules: [TCP Query User{3B2B154F-1D4A-4110-9A6C-AB5EEF48F618}C:\program files\graphisoft\archicad 15\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [UDP Query User{7D980041-FDF0-4E60-97D4-0208B6CEFE6F}C:\program files\graphisoft\archicad 15\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [TCP Query User{96A48134-2F0D-45D7-8367-A9837E4FC34C}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{60D094F3-3DD3-4416-AD75-44CE709AD33B}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{76FF5364-004C-44C8-9E45-CB84C81E909D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BC17B20C-ACC8-48A6-8D6B-10EA187F4581}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{BD62F89D-E483-4848-9917-34552EDF49CD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B4747A9A-7314-4A61-BDF2-E1B0E72569BF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{69239DD7-4A0F-4C8E-AAD3-A9E4455D7B70}C:\program files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [UDP Query User{B7B27436-3AEA-4A60-AD30-2F4DFE0820A4}C:\program files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [{E4AE1CEC-8196-4395-8A6B-AA5A315EE8A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3D810F52-58B3-4C0F-A422-BD9F4CCC43D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{7E7505FA-E133-4EF3-A9D6-F99DF29CBA4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{0128A930-A119-4BB9-8C41-A24AD4C7B3A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{AEC84B97-21FC-47CD-8F00-973B2722C463}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{7C7D6DE0-7253-49A6-A0E6-94E191769D14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{50FFC479-B8F0-4876-B696-9EDCF27FD64B}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{4113F713-C85A-4D00-AFCE-E61457824467}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{BA9A95D6-6DD2-458D-9AFD-68830D2B3918}C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [UDP Query User{5E15ABA8-F0F7-4E91-B82B-66A146A07F1B}C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [{E31EB53A-575E-4E7C-AC15-27F1D150C2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5600ABAC-EE11-4CB1-A0E5-8685D736CC20}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{363D5FF4-44FF-419F-8474-1D677ADD08B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{57C229E1-86EF-4100-9D3B-F8C416C7B5F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{39EB6AF8-1611-459F-92AF-0DABDAF90995}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D7379758-E931-4D8A-8EF7-2061BB772378}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{6400AA76-5BEE-4498-A6E5-666E09679A85}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{FC7424E5-FB64-4819-BEF7-7BC64522EC40}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

02-05-2018 13:00:32 Naplánovaný kontrolní bod
02-07-2018 16:48:13 Naplánovaný kontrolní bod
18-07-2018 13:38:40 Removed Skype™ 7.0
01-08-2018 15:08:24 Naplánovaný kontrolní bod
06-08-2018 21:00:42 po emailu
07-08-2018 12:25:17 Installed ThinkPad Bluetooth with Enhanced Data Rate Software
07-08-2018 12:25:49 Installed ThinkPad Bluetooth with Enhanced Data Rate Software

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2018 12:29:06 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/07/2018 12:24:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64 (3).exe verze 2.8.2018.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 360

Čas spuštění: 01d42e38a7383136

Čas ukončení: 4

Cesta k aplikaci: C:\Users\Petra\Downloads\FRST64 (3).exe

ID hlášení: 037c34fc-9a2c-11e8-84a5-0021cc62ca58

Error: (08/07/2018 12:23:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:22:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:21:47 PM) (Source: Windows Search Service) (EventID: 3084) (User: )
Description: Načtení popisovače protokolu Csc se nezdařilo. Popis chyby: (HRESULT : 0x80040154).

Error: (08/07/2018 12:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.


System errors:
=============
Error: (08/07/2018 12:20:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (08/07/2018 12:20:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/07/2018 12:20:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/07/2018 12:20:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (08/07/2018 12:17:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (08/07/2018 12:17:07 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE

Error: (08/06/2018 09:05:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti zjistil vnitřní chybu.

Error: (08/06/2018 08:05:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti zjistil vnitřní chybu.


Windows Defender:
===================================
Date: 2016-03-01 16:58:13.064
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\Desktop\Google Chrome.lnk;file:C:\Users\Petra\Desktop\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-03-01 16:58:13.064
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk;file:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-03-01 16:58:13.019
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk;file:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-04-28 07:55:33.264
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{DCC938BD-DB32-4789-905F-69BE109AC4F1}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-04-22 07:15:39.826
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C4058E42-6042-43DC-B1EC-2D149BBEE8EC}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2016-07-19 22:05:53.425
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-19 22:05:53.051
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 3983.23 MB
Available physical RAM: 2084.81 MB
Total Virtual: 7964.65 MB
Available Virtual: 6095.59 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.96 GB) (Free:41.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.68 GB) NTFS

\\?\Volume{940c94c4-c2b0-11e0-a15b-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6811184)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Lenovo THINKPAD T420

vovsova
Visitor
Posts: 45
Registered: 26 Sep 2005 19:49
Location: Far North

Re: Check

#6 Post by vovsova »

Sorry, it somehow got pasted in strangely. Once more, and better.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.08.2018
Ran by Petra (administrator) on PETRA-THINK (07-08-2018 12:26:52)
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Farbar) C:\Users\Petra\Desktop\FRST64 (3).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-18] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\MountPoints2: {940c94c6-c2b0-11e0-a15b-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [185816 2015-12-22] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164008 2015-12-22] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C8C03687-8074-4019-A856-608B8206A041}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-372936869-4241919955-545115080-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-372936869-4241919955-545115080-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-04-05] (AVAST Software)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2011-07-12] (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-04-05] (AVAST Software)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt
FF Extension: (Logitech Scroll App) - C:\Program Files\Logitech\ScrollApp\LogiSmoothFirefoxExt [2011-10-01] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-28] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-06-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default [2018-08-07]
CHR Extension: (Prezentace) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Dokumenty) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Disk Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-05]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-05]
CHR Extension: (Vyhledávání Google) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-05]
CHR Extension: (Avast SafePrice) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-07-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-05]
CHR Extension: (Chrome Media Router) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-02]
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-08-06]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-07-18] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-18] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [477032 2011-03-23] (Lenovo.)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [93032 2010-04-07] (Lenovo Group Limited)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-04-22] (Lenovo.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [82544 2011-07-12] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [197160 2018-07-18] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [229392 2018-07-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201328 2018-07-18] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346664 2018-07-18] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59592 2018-07-18] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239680 2018-07-18] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-07-18] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159640 2018-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111872 2018-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-07-18] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027728 2018-07-18] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467064 2018-07-30] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [211160 2018-07-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381584 2018-07-18] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [308368 2015-12-22] (NVIDIA Corporation)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-08-09] ()
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-07 12:26 - 2018-08-07 12:27 - 000017405 _____ C:\Users\Petra\Desktop\FRST.txt
2018-08-07 12:24 - 2018-08-07 12:23 - 002412544 _____ (Farbar) C:\Users\Petra\Desktop\FRST64 (3).exe
2018-08-07 12:23 - 2018-08-07 12:23 - 002412544 _____ (Farbar) C:\Users\Petra\Downloads\FRST64 (3).exe
2018-08-06 19:26 - 2018-08-06 19:26 - 002412544 _____ (Farbar) C:\Users\Petra\Downloads\FRST64 (2).exe
2018-08-06 19:23 - 2018-08-06 19:23 - 026907467 _____ C:\Users\Petra\Downloads\TeamViewerPortable (1).zip
2018-08-06 14:37 - 2018-08-06 14:37 - 007417040 _____ (Malwarebytes) C:\Users\Petra\Desktop\adwcleaner_7.2.2.exe
2018-08-06 13:24 - 2018-08-06 13:24 - 001222144 _____ C:\Users\Petra\Downloads\RSITx64 (3).exe
2018-08-06 13:21 - 2018-08-06 13:21 - 000043042 _____ C:\Users\Petra\Documents\cc_20180806_132103.reg
2018-08-06 13:07 - 2018-07-18 13:05 - 000378072 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-08-03 12:27 - 2018-08-03 12:27 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (4).xpi
2018-08-02 14:23 - 2018-08-02 14:23 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (3).xpi
2018-08-02 14:15 - 2018-08-02 14:15 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (2).xpi
2018-08-02 14:11 - 2018-08-02 14:11 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb.xpi
2018-08-02 14:11 - 2018-08-02 14:11 - 000626028 _____ C:\Users\Petra\Downloads\cesky_slovnik_pro_kontrolu_pravopisu-1.1.0-fx+sm+tb (1).xpi
2018-08-01 15:30 - 2018-08-01 15:30 - 000000000 ____D C:\Users\Petra\AppData\Local\TeamViewer
2018-08-01 14:35 - 2018-08-01 14:35 - 000000000 ____D C:\Users\Petra\AppData\Roaming\TeamViewer
2018-08-01 14:34 - 2018-08-01 14:34 - 026907467 _____ C:\Users\Petra\Downloads\TeamViewerPortable.zip
2018-07-22 14:56 - 2018-07-22 14:56 - 000814942 _____ C:\Users\Petra\Desktop\vyhlaskaVaK20182019.pdf
2018-07-22 14:56 - 2018-07-22 14:56 - 000511300 _____ C:\Users\Petra\Desktop\zakonVaK.pdf
2018-07-22 14:54 - 2018-07-22 14:54 - 000868458 _____ C:\Users\Petra\Desktop\vyhlaskaVaK20162017.pdf
2018-07-22 14:52 - 2018-07-22 14:52 - 000853444 _____ C:\Users\Petra\Desktop\vyhlaskaVaK2018.pdf
2018-07-22 14:45 - 2018-07-22 14:45 - 001770306 _____ C:\Users\Petra\Downloads\ISPOP_Manual_pro_bilancni_formulare_2018_verze 1.0.pdf
2018-07-22 14:44 - 2018-07-22 14:44 - 001460055 _____ C:\Users\Petra\Downloads\vi101_00237612_2018.pdf
2018-07-22 14:43 - 2018-07-22 14:43 - 000759127 _____ C:\Users\Petra\Downloads\vh8b01_00237612_2018.pdf
2018-07-18 13:01 - 2018-07-18 13:01 - 000072100 _____ C:\Users\Petra\Documents\cc_20180718_130135.reg
2018-07-18 12:56 - 2018-07-18 12:56 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-07-18 12:55 - 2018-07-18 12:55 - 015989160 _____ (Piriform Ltd) C:\Users\Petra\Downloads\ccsetup544.exe
2018-07-18 12:55 - 2018-07-18 12:55 - 015989160 _____ (Piriform Ltd) C:\Users\Petra\Downloads\ccsetup544 (1).exe
2018-07-11 21:33 - 2018-07-11 21:33 - 009536812 _____ C:\Users\Petra\Downloads\drive-download-20180711T193300Z-001.zip
2018-07-11 21:13 - 2018-07-11 21:13 - 000033181 _____ C:\Users\Petra\Downloads\Vyuctovani_2018_05-1335909460.pdf
2018-07-11 21:13 - 2018-07-11 21:13 - 000032842 _____ C:\Users\Petra\Downloads\Vyuctovani_2018_06-1337126567.pdf
2018-07-11 21:13 - 2018-07-11 21:13 - 000032712 _____ C:\Users\Petra\Downloads\Vyuctovani_2018_04-1334689922.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-07 12:24 - 2016-03-01 18:52 - 000013834 _____ C:\Users\Petra\Downloads\FRST.txt
2018-08-07 12:23 - 2016-03-01 18:52 - 000000000 ____D C:\FRST
2018-08-07 12:18 - 2011-10-03 14:25 - 000000374 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2018-08-07 12:17 - 2011-08-09 20:10 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-07 12:17 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-06 23:04 - 2015-12-03 17:16 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-08-06 23:04 - 2011-08-09 20:10 - 000000000 ____D C:\Users\UpdatusUser
2018-08-06 23:04 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2018-08-06 19:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Web
2018-08-06 17:12 - 2009-07-14 06:45 - 000031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-06 17:12 - 2009-07-14 06:45 - 000031296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-06 17:05 - 2009-07-14 07:08 - 000032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-06 14:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-06 14:38 - 2016-03-01 23:16 - 000000000 ____D C:\AdwCleaner
2018-08-06 13:24 - 2012-08-22 15:35 - 000000000 ____D C:\Program Files\trend micro
2018-08-06 13:18 - 2012-07-15 20:08 - 000000000 ____D C:\Users\Petra\AppData\Roaming\XnView
2018-08-06 13:18 - 2011-10-01 15:49 - 000000000 ____D C:\Users\Petra\AppData\Local\CrashDumps
2018-08-06 13:09 - 2017-02-08 11:49 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-08-06 13:09 - 2014-11-24 20:39 - 000001893 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-06 13:06 - 2011-10-01 02:14 - 000000000 ____D C:\Users\Petra
2018-07-30 13:05 - 2011-11-08 18:06 - 000000000 ____D C:\Users\Petra\AppData\Local\Thunderbird
2018-07-30 12:57 - 2018-04-05 13:25 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-07-30 12:42 - 2012-01-26 15:29 - 000467064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-07-22 14:56 - 2011-10-06 16:26 - 002010112 ___SH C:\Users\Petra\Desktop\Thumbs.db
2018-07-21 17:18 - 2012-01-06 04:01 - 003844608 ___SH C:\Users\Petra\Downloads\Thumbs.db
2018-07-19 15:20 - 2011-09-30 23:44 - 000000000 ____D C:\Users\Petra\AppData\Roaming\vlc
2018-07-18 13:51 - 2011-10-08 13:34 - 000000000 ____D C:\Users\Petra\AppData\Roaming\ICQ
2018-07-18 13:39 - 2016-05-15 11:24 - 000000000 ____D C:\ProgramData\Skype
2018-07-18 13:23 - 2013-02-26 16:39 - 000842240 _____ C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-07-18 13:23 - 2012-02-22 21:55 - 000175104 _____ C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-18 13:23 - 2012-02-22 21:55 - 000000000 ____D C:\Windows\system32\Macromed
2018-07-18 13:23 - 2011-08-09 20:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-07-18 13:11 - 2018-04-05 13:22 - 000000000 ____D C:\Users\Petra\AppData\Local\AVAST Software
2018-07-18 13:05 - 2018-01-04 21:25 - 000239680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-07-18 13:05 - 2017-11-10 20:50 - 000197160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000346664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000229392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000201328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-07-18 13:05 - 2017-02-08 11:49 - 000059592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-07-18 13:05 - 2014-08-03 21:03 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-07-18 13:05 - 2014-03-24 19:39 - 000211160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-07-18 13:05 - 2013-04-12 00:15 - 000381584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-07-18 13:05 - 2013-04-12 00:15 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-07-18 13:05 - 2012-04-15 13:58 - 000111872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-07-18 13:05 - 2012-01-26 15:29 - 001027728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-07-18 13:05 - 2012-01-26 15:29 - 000159640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-07-18 13:02 - 2016-11-29 20:58 - 000003388 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-07-18 13:02 - 2016-11-29 20:58 - 000003260 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-07-18 12:56 - 2011-10-01 03:12 - 000000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-18 12:56 - 2011-10-01 03:12 - 000000000 ____D C:\Program Files\CCleaner

==================== Files in the root of some directories =======

2017-01-09 20:43 - 2017-01-09 20:47 - 000004608 _____ () C:\Users\Petra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-04-15 13:59 - 2012-04-15 14:00 - 000007597 _____ () C:\Users\Petra\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2015-08-14 14:29 - 2015-07-29 22:08 - 000681097 _____ (SQLite Development Team) C:\Users\Petra\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-06 16:57

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (07-08-2018 12:28:48)
Running from C:\Users\Petra\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-10-01 00:14:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-372936869-4241919955-545115080-500 - Administrator - Disabled)
Guest (S-1-5-21-372936869-4241919955-545115080-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-372936869-4241919955-545115080-1003 - Limited - Enabled)
Petra (S-1-5-21-372936869-4241919955-545115080-1001 - Administrator - Enabled) => C:\Users\Petra
UpdatusUser (S-1-5-21-372936869-4241919955-545115080-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Apple Application Support (HKLM-x32\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ArcGIS Desktop 10 (HKLM-x32\...\{64665955-E1A1-4A8B-BFFA-673A95318909}) (Version: 10.0.2414 - Environmental Systems Research Institute, Inc.) Hidden
ArchiCAD 15 R1 CZE (HKLM\...\001FFF2FFF15FF00FF1101F01F02F000-R1) (Version: 15.0 - Graphisoft)
AutoCAD 2011 - česky (HKLM\...\{5783F2D7-9001-0405-0102-0060B0CE6BBA}) (Version: 18.1.116.0 - Autodesk) Hidden
AutoCAD 2011 - česky (HKLM\...\AutoCAD 2011 - česky) (Version: 18.1.49.0 - Autodesk)
AutoCAD 2011 - česky Version 2.1 (HKLM\...\AutoCAD 2011 - česky Version 2.1) (Version: 1 - Autodesk)
AutoCAD 2011 Language Pack - česky (HKLM\...\{5783F2D7-9001-0405-1102-0060B0CE6BBA}) (Version: 18.1.49.0 - Autodesk) Hidden
Autodesk Material Library 2011 (HKLM-x32\...\{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}) (Version: 2.0.0.49 - Autodesk)
Autodesk Material Library 2011 Base Image library (HKLM-x32\...\{CD1E078C-A6B9-47DA-B035-6365C85C7832}) (Version: 2.0.0.49 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 67.1.664.100 - AVAST Software)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Čeština pro ArcGIS Desktop 10.0 SP3 (HKLM-x32\...\Čeština pro ArcGIS Desktop 10.0 SP3 1.0) (Version: 1.0 - ARCDATA PRAHA)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.5 - Conexant)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.890 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HEC-RAS 4.1.0 (HKLM-x32\...\{692F1402-6F45-42F3-9D82-9AAEFBFAD4A1}) (Version: 4.1.0 - Hydrologic Engineering Center)
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.00 - )
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.2 - Lenovo Inc.)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Lenovo)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 2.02.003.0 - Lenovo)
Logitech Scroll App 2.0 (HKLM\...\Sn1) (Version: 2.00.43 - Logitech)
Logitech SetPoint 6.30 (HKLM\...\sp6) (Version: 6.30.43 - Logitech)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.7 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - )
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.8.0 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 cs)) (Version: 45.8.0 - Mozilla)
MPVAK_Zprac (HKLM-x32\...\{2F22E02D-A82B-4651-BE55-DE9739510B65}) (Version: 1.0.0 - V+WARE)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mview 11.22 "c:\MisysView\" (HKLM-x32\...\Mview_0) (Version: - )
NVIDIA nView 146.78 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.78 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.16.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.16.0 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.45 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.22.00 - )
OpenOffice.org 3.3 (HKLM-x32\...\{10B43A43-FF73-47FD-83E8-A503E84F9ED6}) (Version: 3.3.9567 - OpenOffice.org)
Ovládací panel NVIDIA 354.45 (HKLM\...\{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 354.45 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.2 - pdfforge)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
RapidBoot (HKLM-x32\...\{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo) Hidden
RapidBoot (HKLM-x32\...\InstallShield_{C83D5AA1-6A1F-4102-8F7F-C0230DD31FC0}) (Version: 1.00 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
RICOH_Media_Driver_v2.13.18.02 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.13.18.02 - RICOH)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.16041.12 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - ) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16035.2 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.00.0042 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.22 - )
ThinkPad Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.48 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.01 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.06 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.2.141 - VeriSign)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows Driver Package - Intel (MEIx64) System (10/19/2010 7.0.0.1144) (HKLM\...\90FD26A77B849AE03FF5F07A1CDA7F950406A8D8) (Version: 10/19/2010 7.0.0.1144 - Intel)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\A513FC5E5A08D4EF27F234E91E0E942A0234210B) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows Driver Package - Intel System (10/04/2010 9.2.0.1015) (HKLM\...\FE1BEBFD475BB832AAF104F5C63348E98A9286DF) (Version: 10/04/2010 9.2.0.1015 - Intel)
Windows Driver Package - Intel USB (09/16/2010 9.2.0.1013) (HKLM\...\D97688B8E3830BF9820E15EB8D9552DCBF988CFD) (Version: 09/16/2010 9.2.0.1013 - Intel)
Windows Driver Package - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows Driver Package - Ricoh Company SD Host Controller (03/23/2011 6.10.10.30) (HKLM\...\4534F449D55EE49DEE206B3D9A3B1811E1A495EA) (Version: 03/23/2011 6.10.10.30 - Ricoh Company)
Windows Driver Package - Synaptics (SynTP) Mouse (03/24/2011 15.2.19.0) (HKLM\...\5DF942712DC7660AE4A1B04809A1C3F67B0CA27C) (Version: 03/24/2011 15.2.19.0 - Synaptics)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
XnView 1.98.8 (HKLM-x32\...\XnView_is1) (Version: 1.98.8 - Gougelet Pierre-e)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{6D7AE628-FF41-4CD3-91DD-34825BB1A251}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{C92FB640-AD4D-498A-9979-A51A2540C977}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2011\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2011\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-372936869-4241919955-545115080-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2010-02-10] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-02-10] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2012-06-06] (Piriform Ltd)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-01-09] (pdfforge GbR)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2015-12-22] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-03-06] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-11-05] (NVIDIA Corporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-07-18] (AVAST Software)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2012-06-06] (Piriform Ltd)
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {0D7411C9-4E45-435B-9C1C-CFD28CB28439} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {3E876F37-83FE-46F4-B007-1087FEC4CAE1} - System32\Tasks\AdobeAAMUpdater-1.0-Petra-THINK-Petra => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {5AFCAF84-5098-4B15-B29C-EA502A8E61C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-08] (AVAST Software)
Task: {5F901082-53FF-412C-A2CF-CE8E480FF9D7} - System32\Tasks\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {616288F0-19DD-4113-AE57-EB2258B847CE} - System32\Tasks\{7CABE866-ADE9-4085-AC65-5B008BA3F084} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\setup_basic_3500.exe -d C:\Users\Petra\Downloads
Task: {73EBF79E-C293-4857-9626-6F98CF40B361} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {77BE9395-1707-487B-B7B9-F0130FC6C891} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {8B39CB01-FB29-4C32-AA8A-13A48B89430A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-12] (Adobe Systems Incorporated)
Task: {90260AF4-FC52-4424-A20E-A454C7F5970B} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {95464A3B-BDE0-47FE-8375-1C06F1F6C031} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {9C2CEBB8-EE25-4423-8D56-08E8A1BD5070} - System32\Tasks\{4E1A3B1B-A57D-4BDF-8E89-BAB35166E82B} => C:\Program Files (x86)\HEC\HEC-RAS\4.1.0\ras.exe [2010-03-03] (Hydrologic Engineering Center)
Task: {A7A5977E-E523-43C6-89A7-44A5C654A7D7} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2009-05-28] ()
Task: {AA85A015-C6BF-4F03-B35C-504FD9E0FACF} - System32\Tasks\vypnout => shutdown [Argument = -s]
Task: {B2D3C176-8718-451D-B696-88DCEC85EBDD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B38EFE42-45DB-423C-93CB-22ECB500F0DE} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2011-03-23] (Lenovo Group Limited)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D74E00FA-FA9A-4A78-BB39-6126DA74F355} - System32\Tasks\{CFBF3F30-5580-42C7-BACE-BD716591C1AD} => C:\Program Files (x86)\HEC\HEC-RAS\4.1.0\ras.exe [2010-03-03] (Hydrologic Engineering Center)
Task: {D88A0635-50F7-45EA-A9F8-C29727DC08E1} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {DB5DF949-D6EE-4572-8E9B-F2361555EA42} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-07-18] (AVAST Software)
Task: {E0832DBE-B737-4C32-A093-C0E39007769F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {E31A8004-F2E7-4298-A4B6-4B8992A8AFF6} - System32\Tasks\{16E0A721-1928-4446-88B1-23698581B436} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/cs/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {EFAC98AC-4466-4F95-99D4-DDB77EFA156D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {F1D05380-89B3-4F7F-B04B-9B799783321F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {F20A5CB7-F5E6-4BD8-B129-8B210A78779D} - System32\Tasks\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519\10UninstallUtility.exe -d C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519
Task: {FBD22A3B-DB42-400B-BC56-FCF8687D052C} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-10] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-12-17 22:53 - 2010-12-17 22:53 - 001501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-08-09 20:09 - 2015-12-22 11:33 - 000020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-09-11 20:02 - 2015-09-11 20:02 - 000803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-08-09 20:09 - 2011-03-06 13:07 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2018-06-24 13:26 - 2018-06-24 13:26 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-07-16 11:10 - 2015-11-05 13:51 - 000126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000599768 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2009-05-28 07:09 - 2009-05-28 07:09 - 000049976 _____ () C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe
2018-07-18 13:05 - 2018-07-18 13:05 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-06 19:07 - 2018-08-06 19:07 - 005896848 _____ () C:\Program Files\AVAST Software\Avast\defs\18080604\algo.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000928984 _____ () C:\Program Files\AVAST Software\Avast\anen.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000532696 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000150744 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000985304 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2018-08-07 12:20 - 2018-08-07 12:20 - 005896848 _____ () C:\Program Files\AVAST Software\Avast\defs\18080701\algo.dll
2018-04-05 14:16 - 2018-04-05 14:16 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-07-18 13:05 - 2018-07-18 13:05 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2011-08-09 20:09 - 2015-12-22 11:33 - 000020808 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-372936869-4241919955-545115080-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\mojebanka.cz -> hxxps://www.mojebanka.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-03-03 23:45 - 000000841 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-372936869-4241919955-545115080-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Registrace produktu.lnk => C:\Windows\pss\Logitech . Registrace produktu.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Petra^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: ALCKRESI.EXE => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: ConnecitfyTemp 3 => cmd /Q /C "rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\3"
MSCONFIG\startupreg: ConnecitfyTemp 5 => cmd /Q /C "rmdir /S /Q C:\Users\Petra\AppData\Local\Temp\Connectify\5"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_191_ActiveX.exe -update activex
MSCONFIG\startupreg: ForteConfig => C:\Program Files\Conexant\ForteConfig\fmapp.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Lenovo Registration => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe /boot
MSCONFIG\startupreg: LENOVO.TPKNRRES => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
MSCONFIG\startupreg: LogiScrollApp => C:\Program Files\Logitech\ScrollApp\KhalScroll.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: nwiz => "C:\Program Files\NVIDIA Corporation\nview\nwiz.exe" /installquiet
MSCONFIG\startupreg: PWMTRV => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{07F5F816-8FA3-4735-B9A3-5B929143FE88}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{F7ECF5B0-901E-4FAF-96E6-9F292FB3EE28}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{546F25B4-C8B0-46FC-9CC9-A1DF853A1145}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C324314F-2702-4D92-9C8E-38F0D58F2EE8}] => (Allow) LPort=2869
FirewallRules: [{39550C75-6348-4F82-ACC8-C153BCBE3653}] => (Allow) LPort=1900
FirewallRules: [{0926AF58-3445-4A17-BBD8-57B46BA33B47}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{89258838-BAF7-4B64-8F52-8BBDED0E0FE2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{C308A9B3-33EA-42E6-8471-36ED3271AFCF}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{85364B5E-C2F0-4654-9D05-2EBEE6FBD84E}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{6131A5C7-CECE-4362-A2F2-064266A7073F}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{BCA800F0-E5E2-4531-B02F-4FE62BB50F95}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\UNCServer.exe
FirewallRules: [{3F1FBCCA-986B-4D8F-9339-27CD378ECBD3}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{60AA9F1B-0FD6-45F3-987E-87EC96BDB1B7}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD.exe
FirewallRules: [{D3B999F5-9876-4FCA-A664-568EFDD848B4}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{9511C09C-B480-466F-9A5B-9A6D4FBD182B}] => (Allow) C:\Program Files\Graphisoft\ArchiCAD 15\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [TCP Query User{F97EB85D-D68E-443C-A3FE-37B23A580712}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{4085A54C-BD8A-47BC-B3A3-79D82C6747C0}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{705F6FB4-0739-4B05-A8B2-7A7F74A4047A}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsreport.exe
FirewallRules: [UDP Query User{00B72E0C-5224-4726-81B3-DF18067BF3B7}C:\program files\graphisoft\archicad 15\gsreport.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsreport.exe
FirewallRules: [TCP Query User{3B2B154F-1D4A-4110-9A6C-AB5EEF48F618}C:\program files\graphisoft\archicad 15\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [UDP Query User{7D980041-FDF0-4E60-97D4-0208B6CEFE6F}C:\program files\graphisoft\archicad 15\archicad.exe] => (Allow) C:\program files\graphisoft\archicad 15\archicad.exe
FirewallRules: [TCP Query User{96A48134-2F0D-45D7-8367-A9837E4FC34C}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [UDP Query User{60D094F3-3DD3-4416-AD75-44CE709AD33B}C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe] => (Allow) C:\program files\graphisoft\archicad 15\gsquicktimeserver\gsqtserver.exe
FirewallRules: [TCP Query User{76FF5364-004C-44C8-9E45-CB84C81E909D}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{BC17B20C-ACC8-48A6-8D6B-10EA187F4581}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{BD62F89D-E483-4848-9917-34552EDF49CD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B4747A9A-7314-4A61-BDF2-E1B0E72569BF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{69239DD7-4A0F-4C8E-AAD3-A9E4455D7B70}C:\program files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [UDP Query User{B7B27436-3AEA-4A60-AD30-2F4DFE0820A4}C:\program files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\program files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [{E4AE1CEC-8196-4395-8A6B-AA5A315EE8A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{3D810F52-58B3-4C0F-A422-BD9F4CCC43D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{7E7505FA-E133-4EF3-A9D6-F99DF29CBA4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{0128A930-A119-4BB9-8C41-A24AD4C7B3A4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{AEC84B97-21FC-47CD-8F00-973B2722C463}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{7C7D6DE0-7253-49A6-A0E6-94E191769D14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [TCP Query User{50FFC479-B8F0-4876-B696-9EDCF27FD64B}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [UDP Query User{4113F713-C85A-4D00-AFCE-E61457824467}C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\frd.exe
FirewallRules: [TCP Query User{BA9A95D6-6DD2-458D-9AFD-68830D2B3918}C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [UDP Query User{5E15ABA8-F0F7-4E91-B82B-66A146A07F1B}C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe] => (Allow) C:\Program Files\graphisoft\archicad 15\licensefilegenerator.exe
FirewallRules: [{E31EB53A-575E-4E7C-AC15-27F1D150C2CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5600ABAC-EE11-4CB1-A0E5-8685D736CC20}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{363D5FF4-44FF-419F-8474-1D677ADD08B9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{57C229E1-86EF-4100-9D3B-F8C416C7B5F8}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{39EB6AF8-1611-459F-92AF-0DABDAF90995}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{D7379758-E931-4D8A-8EF7-2061BB772378}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{6400AA76-5BEE-4498-A6E5-666E09679A85}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{FC7424E5-FB64-4819-BEF7-7BC64522EC40}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe

==================== Restore Points =========================

02-05-2018 13:00:32 Naplánovaný kontrolní bod
02-07-2018 16:48:13 Naplánovaný kontrolní bod
18-07-2018 13:38:40 Removed Skype™ 7.0
01-08-2018 15:08:24 Naplánovaný kontrolní bod
06-08-2018 21:00:42 po emailu
07-08-2018 12:25:17 Installed ThinkPad Bluetooth with Enhanced Data Rate Software
07-08-2018 12:25:49 Installed ThinkPad Bluetooth with Enhanced Data Rate Software

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2018 12:29:06 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.

Error: (08/07/2018 12:24:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64 (3).exe verze 2.8.2018.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 360

Čas spuštění: 01d42e38a7383136

Čas ukončení: 4

Cesta k aplikaci: C:\Users\Petra\Downloads\FRST64 (3).exe

ID hlášení: 037c34fc-9a2c-11e8-84a5-0021cc62ca58

Error: (08/07/2018 12:23:02 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:22:17 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:21:47 PM) (Source: Windows Search Service) (EventID: 3084) (User: )
Description: Načtení popisovače protokolu Csc se nezdařilo. Popis chyby: (HRESULT : 0x80040154).

Error: (08/07/2018 12:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.

Error: (08/07/2018 12:21:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Nepodařilo se přidat certifikát do úložiště kořenových certifikačních autorit třetích stran. Chyba: Přístup byl odepřen.


System errors:
=============
Error: (08/07/2018 12:20:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (08/07/2018 12:20:52 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/07/2018 12:20:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (08/07/2018 12:20:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (08/07/2018 12:17:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Lenovo Platform Service bylo dosaženo časového limitu (30000 ms).

Error: (08/07/2018 12:17:07 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE

Error: (08/06/2018 09:05:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti zjistil vnitřní chybu.

Error: (08/06/2018 08:05:22 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: Agent serveru proxy služby DNS nemohl přidělit 0 bajtů paměti. To může znamenat, že tento systém má nedostatek virtuální paměti nebo že správce paměti zjistil vnitřní chybu.


Windows Defender:
===================================
Date: 2016-03-01 16:58:13.064
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\Desktop\Google Chrome.lnk;file:C:\Users\Petra\Desktop\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-03-01 16:58:13.064
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk;file:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2016-03-01 16:58:13.019
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=224129
Název:BrowserModifier:Win32/Yoursearching!blnk
ID:224129
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:containerfile:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk;file:C:\Users\Petra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk->[CMDEmbedded]
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe

Date: 2015-04-28 07:55:33.264
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{DCC938BD-DB32-4789-905F-69BE109AC4F1}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

Date: 2015-04-22 07:15:39.826
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{C4058E42-6042-43DC-B1EC-2D149BBEE8EC}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE

CodeIntegrity:
===================================

Date: 2016-07-19 22:05:53.425
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-07-19 22:05:53.051
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 3983.23 MB
Available physical RAM: 2084.81 MB
Total Virtual: 7964.65 MB
Available Virtual: 6095.59 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.96 GB) (Free:41.34 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.68 GB) NTFS

\\?\Volume{940c94c4-c2b0-11e0-a15b-806e6f6e6963}\ (SYSTEM_DRV) (Fixed) (Total:1.17 GB) (Free:0.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6811184)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Lenovo THINKPAD T420

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#7 Post by Conder »

:arrow: Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\MountPoints2: {940c94c6-c2b0-11e0-a15b-806e6f6e6963} - Q:\LenovoQDrive.exe
    File: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
    ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  -> No File
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
    BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
    BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
    Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} -  No File
    FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] -  => not found
    S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
    S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
    S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} =>  -> No File
    ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} =>  -> No File
    ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
    ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
    ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
    ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
    ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} =>  -> No File
    Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
    Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
    Task: {5F901082-53FF-412C-A2CF-CE8E480FF9D7} - System32\Tasks\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;disabled
    Task: {616288F0-19DD-4113-AE57-EB2258B847CE} - System32\Tasks\{7CABE866-ADE9-4085-AC65-5B008BA3F084} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\setup_basic_3500.exe -d C:\Users\Petra\Downloads
    Task: {F20A5CB7-F5E6-4BD8-B129-8B210A78779D} - System32\Tasks\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519\10UninstallUtility.exe -d C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the PC restarts, there will be a file Fixlog.txt on the desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices; otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

vovsova
Visitor
Posts: 45
Registered: 26 Sep 2005 19:49
Location: Far North

Re: Check

#8 Post by vovsova »

I am very sorry, the posts got mixed up. :boxed: :boxed: :boxed:
Lenovo THINKPAD T420

vovsova
Visitor
Posts: 45
Registered: 26 Sep 2005 19:49
Location: Far North

Re: Check

#9 Post by vovsova »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (09-08-2018 13:41:07) Run:5
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:

CloseProcesses:

Hosts:

EmptyTemp:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {848E0C4F-C784-4046-932A-A1FD1309435F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BE5C061D-F57A-484F-AAB0-AD85C61A2818} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
end
*****************

Restore point was successfully created.
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\ms-help" => removed successfully
HKLM\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} => not found
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\VIP@verisign.com" => removed successfully
"HKLM\System\CurrentControlSet\Services\dgderdrv" => removed successfully
dgderdrv => service removed successfully
"HKLM\System\CurrentControlSet\Services\EsgScanner" => removed successfully
EsgScanner => service removed successfully
"HKLM\System\CurrentControlSet\Services\MBAMSwissArmy" => removed successfully
MBAMSwissArmy => service removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D}" => removed successfully
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX" => removed successfully
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01080A27-DFDF-4B25-8677-C267BABE6F35}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01080A27-DFDF-4B25-8677-C267BABE6F35}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4968D6C1-3F40-4C3B-AF65-E7E952090880}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4968D6C1-3F40-4C3B-AF65-E7E952090880}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{848E0C4F-C784-4046-932A-A1FD1309435F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{848E0C4F-C784-4046-932A-A1FD1309435F}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BE5C061D-F57A-484F-AAB0-AD85C61A2818}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BE5C061D-F57A-484F-AAB0-AD85C61A2818}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11346930 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 5187014 B
Edge => 0 B
Chrome => 25916154 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 33253 B
systemprofile32 => 39173 B
LocalService => 128 B
NetworkService => 0 B
UpdatusUser => 0 B
Petra => 64948745 B

RecycleBin => 0 B
EmptyTemp: => 110.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:43:18 ====
Lenovo THINKPAD T420

vovsova
Visitor
Posts: 45
Registered: 26 Sep 2005 19:49
Location: Far North

Re: Check

#10 Post by vovsova »

Fix result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Petra (09-08-2018 18:29:46) Run:6
Running from C:\Users\Petra\Desktop
Loaded Profiles: Petra (Available Profiles: UpdatusUser & Petra)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-372936869-4241919955-545115080-1001\...\MountPoints2: {940c94c6-c2b0-11e0-a15b-806e6f6e6963} - Q:\LenovoQDrive.exe
File: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
ShellExecuteHooks-x32: No Name - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - -> No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> No File
BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> No File
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - No File
FF HKLM-x32\...\Firefox\Extensions: [VIP@verisign.com] - => not found
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EsgScanner; system32\DRIVERS\EsgScanner.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => -> No File
ShellIconOverlayIdentifiers-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => -> No File
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => -> No File
Task: {01080A27-DFDF-4B25-8677-C267BABE6F35} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core -> No File <==== ATTENTION
Task: {4968D6C1-3F40-4C3B-AF65-E7E952090880} - \GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA -> No File <==== ATTENTION
Task: {5F901082-53FF-412C-A2CF-CE8E480FF9D7} - System32\Tasks\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D} => "c:\users\petra\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/5.0.0.152.375/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome&#058;notoffered;disabled
Task: {616288F0-19DD-4113-AE57-EB2258B847CE} - System32\Tasks\{7CABE866-ADE9-4085-AC65-5B008BA3F084} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\setup_basic_3500.exe -d C:\Users\Petra\Downloads
Task: {F20A5CB7-F5E6-4BD8-B129-8B210A78779D} - System32\Tasks\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78} => C:\Windows\system32\pcalua.exe -a C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519\10UninstallUtility.exe -d C:\Users\Petra\Downloads\ArcGIS_Desktop10_122519

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKU\S-1-5-21-372936869-4241919955-545115080-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{940c94c6-c2b0-11e0-a15b-806e6f6e6963}" => removed successfully
HKLM\Software\Classes\CLSID\{940c94c6-c2b0-11e0-a15b-806e6f6e6963} => not found

========================= File: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll ========================

C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
File is digitally signed
MD5: C5B1EF0D8A5B27108CFF2F58C8522972
Creation and modification date: 2010-12-08 22:16 - 2010-12-08 22:16
Size: 000135504
Attributes: ----A
Company Name: UPEK Inc.
Internal Name: PSQLPWD
Original Name: psqlpwd.dll
Product: ThinkVantage Fingerprint Software
Description: Logon stub
File Version: 5.9.4.6879
Product Version: 5.9.4
Copyright: Copyright (C) 2001-2010 UPEK Inc.
VirusTotal: https://www.virustotal.com/file/0962a9c ... 530986618/

====== End of File: ======

"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => not found
HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\ms-help => not found
HKLM\Software\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294} => not found
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\VIP@verisign.com" => removed successfully
dgderdrv => service not found.
EsgScanner => service not found.
MBAMSwissArmy => service not found.
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 1 (GFS Unread Stub) => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{99FD978C-D287-4F50-827F-B2C658EDA8E7} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2 (GFS Stub) => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{920E6DB1-9907-4370-B3A0-BAFC03D81399} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 3 (GFS Folder) => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{16F3DD56-1AF5-4347-846D-7C10C4192619} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Groove Explorer Icon Overlay 4 (GFS Unread Mark) => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => not found
HKLM\Software\Wow6432Node\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => not found
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => not found
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => not found
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX => not found
HKLM\Software\Classes\CLSID\{6C467336-8281-4E60-8204-430CED96822D} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01080A27-DFDF-4B25-8677-C267BABE6F35} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001Core => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4968D6C1-3F40-4C3B-AF65-E7E952090880} => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-372936869-4241919955-545115080-1001UA => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F901082-53FF-412C-A2CF-CE8E480FF9D7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F901082-53FF-412C-A2CF-CE8E480FF9D7}" => removed successfully
C:\Windows\System32\Tasks\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F77691F1-C68B-4E7D-A06E-DE9DC36ACE6D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{616288F0-19DD-4113-AE57-EB2258B847CE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{616288F0-19DD-4113-AE57-EB2258B847CE}" => removed successfully
C:\Windows\System32\Tasks\{7CABE866-ADE9-4085-AC65-5B008BA3F084} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7CABE866-ADE9-4085-AC65-5B008BA3F084}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F20A5CB7-F5E6-4BD8-B129-8B210A78779D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F20A5CB7-F5E6-4BD8-B129-8B210A78779D}" => removed successfully
C:\Windows\System32\Tasks\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3D56F7A4-9736-4C25-A2AE-C0A17FCC8A78}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6304012 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6772 B
Edge => 0 B
Chrome => 77573577 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Petra => 8624995 B

RecycleBin => 19138705 B
EmptyTemp: => 114.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:31:26 ====
Lenovo THINKPAD T420

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Check

#11 Post by Conder »

→ A question: where is that first fixlist from?
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data (documents, photos and so on) backed up.

Fixlists and other scripts are written for one specific PC only. Do not use them on other devices; doing so risks damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!


Re: Check

#12 Post by vovsova »

Posts and comments got mixed up. I started a thread called "Check", received a reply and sent the required log. The adviser and I worked on something for a while. Then another person spoke up, saying that my problem was being handled in his post, which had the same title, "Check". That is why the posts got mixed up, and my first fixlist was that other person's.
I caused the problem myself through my inattention, by replying under a different "Check". I apologize to everyone for the trouble caused.

Re: Check

#13 Post by Conder »

→ Ah, I see it now. It is better to look for your own topics/posts via the "View your posts" ("Zobrazit vaše příspěvky") link at the top right. I also want to point out that FRST fixlists are written for one specific PC, and running one on a different PC can damage the system; that is not the case here, though, since the first fixlist was also written by the adviser Kodiz for this PC.

→ Are there still any problems with the PC?

→ An outdated version of Java (Java 8 Update 111) is installed on the PC; I recommend uninstalling it. If you need Java, install the current version (currently Java 8 Update 171) from https://java.com/en/download/

→ Check the size of the desktop (C:\Users\Petra\Desktop). If it is larger than 300 MB, move all files and folders from the desktop to Documents and leave only links/shortcuts on the desktop. An overly large desktop can slow the system down.

→ The latest updates/patches are not installed on the PC. I recommend installing all important updates via Windows Update.
Last edited by Conder on 18 Sep 2018 22:03, edited 1 time in total.

Re: Check

#14 Post by vovsova »

→ Next time I will be more careful. Once again, I apologize for the complications.

→ The PC seems to be fine.

→ Java has been installed.

→ Desktop cleaned up, files saved elsewhere.

→ And this is the point of greatest despair. I found out that updates have not been running since December, a global Windows Update problem. Once I had fixed the problem, updates of updates were downloading there one after another all day. Some updates threw error messages; we managed to get rid of most of them by downloading the individual updates directly. Unfortunately, we still have not managed to get rid of the problem with the update
Attachments
Bez názvu.jpg (62.96 KiB) Viewed 2799 times

Re: Check

#15 Post by Conder »

→ Run a system file integrity check:
  • Open Start, type "cmd" (without the quotation marks), right-click Command Prompt and click Run as administrator
  • Copy and run the command:

    sfc /scannow
  • When it finishes, copy and run this command:

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • A file named sfcdetails.txt will be created on the desktop; pack it into a RAR or ZIP archive and send it as an attachment to your next post
  • Restart the PC
→ Try searching for updates again and install them one at a time.

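Added example, not part of any post in this thread: one way to triage the sfcdetails.txt that the findstr step in post #15 produces, separating files SFC could not repair from files it restored from the component store. The line shapes, the sample lines and the names `summarize_sr`, `SAMPLE` and `NT_PREFIX` are assumptions modelled on typical [SR] entries in CBS.log, not data from this PC.

```python
import re
from collections import Counter

# Constructed, abbreviated sample of sfcdetails.txt (not taken from this thread).
SAMPLE = r'''
2018-09-19 10:02:11, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2018-09-19 10:02:11, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2018-09-19 10:02:14, Info CSI 0000000c [SR] Cannot repair member file [l:24{12}]"example1.dll" of Example-Component-A, Version = 6.1.7601.0, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), hash mismatch
2018-09-19 10:02:14, Info CSI 0000000e [SR] Cannot repair member file [l:24{12}]"example1.dll" of Example-Component-A, Version = 6.1.7601.0, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), hash mismatch
2018-09-19 10:02:15, Info CSI 00000010 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:24{12}]"example2.dll" from store
2018-09-19 10:02:20, Info CSI 00000012 [SR] Verify complete
'''

# Assumed line shapes, modelled on typical [SR] entries in CBS.log.
CANNOT_REPAIR = re.compile(
    r'\[SR\] Cannot repair member file \[[^\]]*\]"([^"]+)" of ([^,]+),')
REPAIRING = re.compile(r'\[SR\] Repairing corrupted file (.+?) from store')
NT_PREFIX = "\\??\\"  # NT object-manager prefix in front of the drive letter


def summarize_sr(text):
    """Return (unrepaired, repaired) for the [SR] lines in text.

    unrepaired: Counter keyed by (file name, component), counting log lines.
    repaired:   sorted list of full paths that SFC restored from the store.
    """
    unrepaired, repaired = Counter(), set()
    for line in text.splitlines():
        m = CANNOT_REPAIR.search(line)
        if m:
            unrepaired[(m.group(1), m.group(2).strip())] += 1
            continue
        m = REPAIRING.search(line)
        if m:
            # The path is logged as quoted fragments: directory, then file.
            parts = re.findall(r'"([^"]+)"', m.group(1))
            parts = [p[len(NT_PREFIX):] if p.startswith(NT_PREFIX) else p
                     for p in parts]
            repaired.add("\\".join(parts))
    return unrepaired, sorted(repaired)


if __name__ == "__main__":
    bad, fixed = summarize_sr(SAMPLE)
    for (name, component), hits in bad.items():
        print(f"NOT REPAIRED {name} ({component}), {hits} log lines")
    for path in fixed:
        print(f"repaired     {path}")
```

Entries left in the unrepaired set are the ones worth reporting back, since SFC had no good copy in the store to restore them from.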