Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
center25
Návštěvník
Návštěvník
Příspěvky: 61
Registrován: 06 úno 2008 20:56

Prosím o kontrolu

#1 Příspěvek od center25 »

Děkuji moc předem.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
Ran by Adéla (administrator) on ADÉLA (06-11-2018 22:02:21)
Running from C:\Users\Adéla\Desktop
Loaded Profiles: Adéla (Available Profiles: Adéla)
Platform: Windows 10 Home Version 1607 14393.187 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Pokki) C:\Users\Adéla\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\$GetCurrent\media\setup.exe
(Microsoft Corporation) C:\$GetCurrent\media\sources\setupprep.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [111488 2013-09-17] (Intel Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-06-14] (Lenovo)
HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-06-14] ()
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-06-14] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-29] (AVAST Software)
HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119824 2013-12-03] (Lenovo)
HKLM\...\RunOnce: [!GetCurrentRollback] => C:\Windows10Upgrade\GetCurrentRollback.exe [57344 2018-07-19] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [RemoveSafeZoneBrowser] => C:\Users\ADLA~1\AppData\Local\Temp\removeSZB.exe [2781728 2018-11-06] () <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-10-23] (Piriform Ltd)
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [806400 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{39443fce-c916-4a05-94ad-9d6fd916a6b3}: [DhcpNameServer] 150.201.1.2
Tcpip\..\Interfaces\{d4aefa9b-c6b6-4b08-8a62-fb395fd9ad3a}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2661599344-1049831031-3761498453-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-2661599344-1049831031-3761498453-1001 -> {7A9767A9-C2E4-4D2C-8310-880A52418EB7} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-10-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-10-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-10-29] (Microsoft Corporation)
BHO-x32: No Name -> {d9f16d8b-81b5-4667-af4d-25365bbf7fc9} -> No File
Toolbar: HKU\S-1-5-21-2661599344-1049831031-3761498453-1001 -> No Name - {F41A56D2-7B52-4D16-812C-A63C6CA9D4C5} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-29] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-10-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 2
CHR Profile: C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-11-06]
CHR Extension: (Prezentace) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-06]
CHR Extension: (Dokumenty) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-06]
CHR Extension: (Disk Google) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-06]
CHR Extension: (YouTube) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-06]
CHR Extension: (Avast Online Security - BETA) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2018-11-06]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-11-06]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2018-11-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-06]
CHR Extension: (Gmail) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-06]
CHR Profile: C:\Users\Adéla\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-29] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-29] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-11-06] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-29] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
R2 DptfParticipantAcpiProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [117704 2013-09-17] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [150760 2013-09-17] (Intel Corporation)
S2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [124904 2013-09-17] (Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [328616 2015-09-24] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-06-14] (Lenovo)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2014-06-14] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2014-06-14] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-06-14] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2013-11-19] ()
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-15] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201408 2018-10-29] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230512 2018-10-29] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201928 2018-10-29] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346760 2018-10-29] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59664 2018-10-29] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-10-29] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [185240 2018-10-29] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47064 2018-10-29] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42456 2018-10-29] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163376 2018-10-29] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111968 2018-10-29] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [88112 2018-10-29] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028840 2018-10-29] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467904 2018-10-29] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208640 2018-10-29] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381144 2018-10-29] (AVAST Software)
R3 DptfDevAcpiProc; C:\WINDOWS\system32\DRIVERS\DptfDevAcpiProc.sys [198808 2013-09-17] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys [78504 2013-09-17] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [493240 2013-09-17] (Intel Corporation)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2016-01-02] ()
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [24392 2013-10-16] (ELAN Microelectronic Corp.)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
S3 mtkmbim; C:\WINDOWS\system32\DRIVERS\mtkmbim7_x64.sys [208896 2012-12-13] (MediaTek Inc.)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel Corporation)
R3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv_x64.sys [744928 2015-06-22] (Sunplus)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdf_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [81408 2013-02-21] (MediaTek Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-06 22:02 - 2018-11-06 22:05 - 000021932 _____ C:\Users\Adéla\Desktop\FRST.txt
2018-11-06 22:00 - 2018-11-06 22:02 - 000000000 ____D C:\FRST
2018-11-06 21:55 - 2018-11-06 21:59 - 002414592 _____ (Farbar) C:\Users\Adéla\Desktop\FRST64.exe
2018-11-06 21:06 - 2018-11-06 21:57 - 000000036 _____ C:\WINDOWS\progress.ini
2018-11-06 20:49 - 2018-11-06 20:49 - 000000000 ____D C:\ProgramData\Western Digital
2018-11-06 20:47 - 2018-11-06 20:47 - 016254666 _____ C:\Users\Adéla\Downloads\WDDriveUtilitiesSetup_for_web_2.0.0.48.zip
2018-11-06 20:04 - 2018-11-06 21:48 - 000000000 ___HD C:\$GetCurrent
2018-11-06 20:04 - 2018-11-06 20:04 - 000000818 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2018-11-06 20:04 - 2018-11-06 20:04 - 000000806 _____ C:\Users\Adéla\Desktop\Pomocník s aktualizací Windows 10.lnk
2018-11-06 19:56 - 2018-11-06 21:48 - 000000000 ____D C:\Windows10Upgrade
2018-11-06 19:40 - 2018-11-06 19:40 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-11-06 19:40 - 2018-11-06 19:40 - 000002850 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-11-06 19:40 - 2018-11-06 19:40 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-11-06 19:40 - 2018-11-06 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-11-06 19:39 - 2018-11-06 19:40 - 000000000 ____D C:\Program Files\CCleaner
2018-11-06 19:37 - 2018-11-06 19:38 - 018072104 _____ (Piriform Ltd) C:\Users\Adéla\Downloads\ccsetup548.exe
2018-11-06 19:11 - 2018-11-06 19:11 - 000002585 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-06 19:11 - 2018-11-06 19:11 - 000002550 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-06 19:08 - 2018-11-06 19:08 - 000003512 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-11-06 19:08 - 2018-11-06 19:08 - 000003388 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-11-06 19:08 - 2018-11-06 19:08 - 000000000 ____D C:\Users\Adéla\AppData\Local\AVAST Software
2018-11-06 19:08 - 2018-11-06 19:08 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-11-05 21:59 - 2018-11-05 21:59 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-11-05 21:59 - 2018-06-27 12:10 - 000131288 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 002003296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-11-05 21:44 - 2018-02-18 12:13 - 001568600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000749408 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000664416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000609120 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000389464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000270688 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000246112 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-11-05 21:44 - 2018-02-18 12:13 - 000138072 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-11-05 21:44 - 2018-02-18 12:13 - 000069984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-11-05 21:44 - 2018-02-18 12:12 - 000461664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-11-05 21:44 - 2018-02-18 12:12 - 000035160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-11-05 21:44 - 2018-02-18 12:09 - 000199512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-11-05 21:44 - 2018-02-18 12:04 - 000501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-11-05 21:44 - 2018-02-18 11:19 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-11-05 21:44 - 2018-02-18 11:18 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-11-05 21:40 - 2018-11-05 21:40 - 000000000 ____D C:\Program Files\rempl
2018-11-05 21:40 - 2018-09-13 15:36 - 000025248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Luadgmgt.dll
2018-10-30 08:16 - 2018-10-30 08:16 - 000000000 ____D C:\$WINDOWS.~BT
2018-10-30 08:04 - 2018-10-30 08:17 - 000000000 ___HD C:\$SysReset
2018-10-29 23:40 - 2018-10-29 23:40 - 000000000 _____ C:\Recovery.txt
2018-10-29 21:51 - 2018-10-29 21:51 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2661599344-1049831031-3761498453-1001
2018-10-29 21:33 - 2018-10-29 22:55 - 000000000 ____D C:\ESD
2018-10-29 21:30 - 2018-10-29 21:30 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-29 21:29 - 2018-10-29 21:29 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-10-29 21:29 - 2018-10-29 21:29 - 000201408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-10-29 21:29 - 2018-10-29 21:29 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-10-29 21:29 - 2018-10-29 21:27 - 000346760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-10-29 21:29 - 2018-10-29 21:27 - 000230512 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-10-29 21:29 - 2018-10-29 21:27 - 000201928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-10-29 21:29 - 2018-10-29 21:27 - 000185240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-10-29 21:29 - 2018-10-29 21:27 - 000059664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-10-29 21:26 - 2018-10-29 21:26 - 000000000 ___HD C:\$Windows.~WS
2018-10-29 21:25 - 2018-10-29 21:25 - 019119064 _____ (Microsoft Corporation) C:\Users\Adéla\Downloads\MediaCreationTool1803.exe
2018-10-24 21:25 - 2018-10-24 21:25 - 000000000 ____D C:\Users\Adéla\AppData\Roaming\Google
2018-10-24 19:49 - 2018-10-24 19:49 - 000000000 ____D C:\Program Files\Common Files\Avast Software

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-11-06 21:58 - 2016-09-24 13:57 - 000001890 _____ C:\WINDOWS\diagwrn.xml
2018-11-06 21:58 - 2016-09-24 13:57 - 000001890 _____ C:\WINDOWS\diagerr.xml
2018-11-06 21:57 - 2016-09-24 22:35 - 000000000 ___DC C:\WINDOWS\Panther
2018-11-06 21:40 - 2014-10-07 12:30 - 000000000 ____D C:\Users\Adéla\AppData\Local\SweetLabs App Platform
2018-11-06 21:39 - 2014-10-07 12:31 - 000000000 __SHD C:\Users\Adéla\IntelGraphicsProfiles
2018-11-06 21:30 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-06 21:30 - 2014-10-07 12:31 - 000000000 ____D C:\Users\Adéla\AppData\Local\Packages
2018-11-06 21:17 - 2016-07-06 17:40 - 000000000 ____D C:\ProgramData\Garmin
2018-11-06 21:17 - 2014-12-07 13:06 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-06 21:16 - 2016-07-16 12:45 - 000000000 ____D C:\WINDOWS\INF
2018-11-06 20:39 - 2016-07-16 12:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-06 20:33 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-06 20:33 - 2014-12-25 17:40 - 000000000 ____D C:\ProgramData\Skype
2018-11-06 20:28 - 2016-01-07 21:57 - 000000000 ____D C:\Users\Adéla\AppData\Local\FluxSoftware
2018-11-06 20:26 - 2014-10-25 22:02 - 000000000 ____D C:\Users\Adéla\AppData\Roaming\uTorrent
2018-11-06 20:16 - 2015-01-07 21:41 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-11-06 20:07 - 2015-09-29 08:07 - 000000000 ____D C:\Users\Adéla\AppData\Roaming\Seznam.cz
2018-11-06 20:07 - 2014-10-07 13:11 - 000000000 ____D C:\Users\Adéla\AppData\Local\CrashDumps
2018-11-06 19:56 - 2015-09-29 08:20 - 000000000 ____D C:\Users\Adéla\AppData\Roaming\PhotoScape
2018-11-06 19:55 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\ModemLogs
2018-11-06 19:39 - 2015-10-10 09:28 - 000000000 ____D C:\ProgramData\AVAST Software
2018-11-06 19:34 - 2016-09-24 22:21 - 000580516 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-06 19:34 - 2016-09-24 22:21 - 000129754 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-06 19:34 - 2015-12-25 15:58 - 001764782 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-06 19:26 - 2016-09-24 13:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-06 19:26 - 2016-07-16 07:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-11-06 19:24 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-11-06 19:04 - 2016-09-24 12:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-05 22:30 - 2014-10-07 22:27 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-05 22:30 - 2014-10-07 22:27 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-05 21:37 - 2015-09-29 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2018-10-30 08:27 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\System
2018-10-29 22:10 - 2016-07-16 12:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-29 22:05 - 2016-06-18 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-10-29 22:04 - 2014-06-14 23:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-29 21:50 - 2015-12-25 16:36 - 000002438 _____ C:\Users\Adéla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-29 21:50 - 2014-10-07 12:36 - 000000000 __RDO C:\Users\Adéla\OneDrive
2018-10-29 21:33 - 2014-11-06 15:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2018-10-29 21:29 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-10-29 21:29 - 2015-10-10 09:34 - 000467904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-10-29 21:29 - 2015-10-10 09:34 - 000381144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-10-29 21:29 - 2015-10-10 09:34 - 000208640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-10-29 21:29 - 2015-10-10 09:34 - 000163376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-10-29 21:29 - 2015-10-10 09:34 - 000111968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-10-29 21:29 - 2015-10-10 09:34 - 000088112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-10-29 21:29 - 2015-10-10 09:34 - 000047064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-10-29 21:28 - 2016-09-29 12:37 - 000000000 ____D C:\Users\Adéla\AppData\Roaming\ViberPC
2018-10-29 21:28 - 2016-07-12 21:08 - 000042456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-10-29 21:27 - 2015-10-10 09:34 - 001028840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-10-24 21:06 - 2016-09-24 13:53 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-24 21:05 - 2015-03-23 22:42 - 000000000 ____D C:\Users\Adéla\Documents\ViberDownloads
2018-10-24 19:50 - 2016-09-24 13:53 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cfffe5f311b23b
2018-10-24 19:50 - 2016-09-24 13:53 - 000003378 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1cfffe5f2c6f84a
2018-10-24 19:49 - 2016-09-24 13:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software

==================== Files in the root of some directories =======

2014-11-09 12:31 - 2014-11-09 12:31 - 032372200 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe

Files to move or delete:
====================
C:\Users\ADLA~1\AppData\Local\Temp\removeSZB.exe


Some files in TEMP:
====================
2018-11-06 19:12 - 2018-11-06 19:07 - 002781728 _____ () C:\Users\Adéla\AppData\Local\Temp\removeSZB.exe
2018-11-06 20:07 - 2018-11-06 20:07 - 000534528 _____ () C:\Users\Adéla\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dxdiagn.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-14 16:17

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24.10.2018
Ran by Adéla (06-11-2018 22:08:37)
Running from C:\Users\Adéla\Desktop
Windows 10 Home Version 1607 14393.187 (X64) (2016-09-24 13:03:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2661599344-1049831031-3761498453-500 - Administrator - Disabled)
Adéla (S-1-5-21-2661599344-1049831031-3761498453-1001 - Administrator - Enabled) => C:\Users\Adéla
DefaultAccount (S-1-5-21-2661599344-1049831031-3761498453-503 - Limited - Disabled)
Guest (S-1-5-21-2661599344-1049831031-3761498453-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2661599344-1049831031-3761498453-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.7.2354 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 69.1.867.100 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.48 - Piriform)
CollageIt 1.9.2 (HKLM-x32\...\{D9757258-30B2-496E-86F2-84920C5858E1}_is1) (Version: 1.9.2 - PearlMountain Technology Co., Ltd)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
EPSON L1800 Series Printer Uninstall (HKLM\...\EPSON L1800 Series) (Version: - SEIKO EPSON Corporation)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.10.0.2208 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{810dff4d-564d-47da-b8bc-a3729815aab7}) (Version: 1.9.1.1008 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (HKLM-x32\...\{C1C74874-4E6F-49B8-BBCD-D43E277D8D28}) (Version: 3.4.1942 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.5.5 - SunplusIT)
Lenovo Motion Control (HKLM-x32\...\{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.2 - Lenovo)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
Lenovo Yoga PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.5 - Lenovo) Hidden
Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.5 - Lenovo)
LibreOffice 4.3 Help Pack (Czech) (HKLM-x32\...\{1FA7A006-6ABA-4670-B5E6-046F89CCB286}) (Version: 4.3.2.2 - The Document Foundation)
LibreOffice 4.3.2.2 (HKLM-x32\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
MatchWare MindView 6.0 (HKLM-x32\...\{BD3B24E2-B5BF-4D31-AE97-3AABDA0EF877}) (Version: 6.0.6966.0 - MatchWare A/S)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Pokki (HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\SweetLabs_AP) (Version: 0.269.7.802 - Pokki)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.310 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.)
Start Menu (HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\SweetLabs_Start_Menu) (Version: 0.269.7.800 - Pokki)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{133A2E34-3E09-4A1A-A9AA-F9D8E5417199}) (Version: 2.50.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Viber (HKLM-x32\...\{09674AFF-C692-4D7F-BE2A-85647529D745}) (Version: 6.3.0.1532 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\{9574df79-44de-4a4a-8146-38d4900e15d0}) (Version: 6.3.0.1532 - Viber Media Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.013.1202 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2661599344-1049831031-3761498453-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2015-09-24] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-29] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-08-27] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-08-27] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00762C8B-19FB-474E-AE4F-0EB2B5E94D22} - System32\Tasks\GoogleUpdateTaskMachineUA1cfffe5f311b23b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {0FAB18C2-56C6-4629-A5AD-A5E7D490F4BB} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {10C89677-E0C6-406E-8CC1-84EC24793FCE} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {125F7BCF-CDB1-4517-B4AA-BD99CC0BF311} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {15587F9B-102A-45E7-B4EE-5AC1B983121C} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-09-04] (Intel Corporation)
Task: {18516735-F6DE-4EB5-A801-991929D1C119} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-29] (Microsoft Corporation)
Task: {2A8A3FE6-D03E-44CC-840B-FA508DF2F632} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35D8E152-5126-4058-80C7-9FDFC7A2BDD0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-11-06] (AVAST Software)
Task: {4DD32FDB-701E-4B22-9A7B-C9F471A4C054} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {50404756-E0AE-42AB-9D1B-0D832293AEA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5295A83B-E766-47DC-B5AD-FDE6A62B64E9} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-06-14] (Lenovo)
Task: {619CD49B-0431-4BCE-8ECA-480FCED12359} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {61E77FEC-7528-4087-85FC-3AF001E20A3F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-10-23] (Piriform Ltd)
Task: {6556E5F6-339B-42B3-BFCF-F0A102D247FD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {65F0011D-A6B9-49F5-86BD-BD7AFD06BA16} - System32\Tasks\GoogleUpdateTaskMachineCore1cfeef7c799d72c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {71464BA0-CF1A-4424-B0B2-C4009AEFC2D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7A7B3BCE-5937-4FFF-8980-DBADAEB4E0F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {82652949-0349-4567-A8FF-9237B4341B28} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {85D98F03-CCB8-401C-85B4-DE2ED7A21444} - System32\Tasks\GoogleUpdateTaskMachineCore1cfffe5f2c6f84a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {94B8D62D-5539-4901-8B66-509168A75F64} - \WPD\SqmUpload_S-1-5-21-2661599344-1049831031-3761498453-1001 -> No File <==== ATTENTION
Task: {A37F5C0F-70F5-453C-82FD-1607402015F1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-10-24] (AVAST Software)
Task: {A3BCBD2D-4DD8-49AA-BF87-756B3B4C415E} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.)
Task: {A87D40B6-DD17-45E3-8AC7-861DE3C40611} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-11-06] (AVAST Software)
Task: {A981424B-F13F-4537-8A89-949F42B23368} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-10-29] (AVAST Software)
Task: {ADE818D8-363C-4B20-B2EA-7131392691C3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AE29E482-9624-4147-9B0F-9182B5E5237C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B1A37A9B-622E-4244-929E-6A920562CC76} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-29] (Microsoft Corporation)
Task: {B25192C5-8289-42E4-88FD-5EE3FD07AA8C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-10-23] (Piriform Ltd)
Task: {B66CC77D-458B-4A09-B04B-61DE3ECE06D2} - System32\Tasks\McAfeeLogon => C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
Task: {B834AFCD-7F8D-4FA0-8EDF-CBE75A8C50E1} - System32\Tasks\SweetLabs App Platform => C:\Users\Adéla\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {C43D2A04-11AD-4AB9-BC9D-6976FBC4A6D9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {C9F0615D-D870-4971-AD94-23E74DA195C0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-29] (Microsoft Corporation)
Task: {CE6C4A8D-FD56-4169-A420-13589E34D71B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {CEF8E1DB-D7BD-42EF-8528-3A1D17E69DA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {CF09F059-0DF6-4A80-B0D8-DAC0F3AF40B2} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-08-12] (Intel Corporation)
Task: {D3931BB4-1EB6-427E-A130-9C460C6D7447} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-08-12] (Intel Corporation)
Task: {D5015FDA-44F9-46F3-9A82-6D0FA3E99DF1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DAEDE06E-0A65-492F-AA8C-F0C9BA925E9E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {DB428835-252A-49DC-B932-5F1F40155025} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {DD003464-D6F0-466B-931A-A32748AEA496} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E3236733-2698-4BAC-8960-F51074DA0F02} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {E4D41843-775E-46D3-BC7B-CF04AF658862} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-29] (Microsoft Corporation)
Task: {E63A4B1E-F422-4625-A507-034BC5CE1748} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-29] (Microsoft Corporation)
Task: {F9CB9BC6-58A9-4AFC-8E19-DAA8ECD11DAA} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\0914avUpdateInfo.job => C:\ProgramData\Avg_Update_0914av\0914av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\1114avUpdateInfo.job => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cfeef7c799d72c.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-06-14 23:39 - 2012-04-24 11:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-06-14 23:40 - 2014-06-14 23:40 - 000062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2014-06-14 23:31 - 2013-11-19 00:40 - 000019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
2015-07-07 10:44 - 2015-07-07 10:44 - 000088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2016-04-26 13:30 - 2016-04-26 13:30 - 000367824 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-06-14 23:39 - 2014-06-14 23:39 - 000815104 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-24 22:27 - 2016-09-24 22:27 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 000130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 009760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 001401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 002438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-24 22:28 - 2016-09-24 22:28 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-24 12:43 - 2010-10-26 11:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2018-11-05 22:30 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-11-05 22:30 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2014-02-25 00:39 - 2014-02-25 00:39 - 000013576 _____ () C:\Program Files (x86)\Lenovo\Motion Control\PointGrabDeviceAPI.dll
2018-10-29 21:29 - 2018-10-29 21:29 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-29 21:27 - 2018-10-29 21:27 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-06-14 23:40 - 2014-06-14 23:40 - 000101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adéla\Desktop\Fotky\Srí lanka\2015-02-27 03.18.46 1.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "AutoStartTransition"
HKLM\...\StartupApproved\Run32: => "Yoga Picks"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\StartupApproved\Run: => "Pokki"
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\StartupApproved\Run: => "f.lux"
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{8D10C3D1-FBF8-443F-B670-3BA65544E868}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{13474C73-8C75-4D06-BA88-7E3032E0372E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ECFCBF5A-AC13-4C6D-8FD1-88DC23960A69}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A57FAC4D-E154-433F-96B9-F103C1F4BBDC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{33DE5C42-E0B2-4696-882B-21DFFF1C1C5A}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C02CF6D9-9484-429B-B07B-948DC501C1C7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{7679CFDC-C36D-4241-8303-A63481E7C914}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4ABD2EB7-34AC-40FE-A0D0-18D839BDB19B}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [TCP Query User{819C3DA5-7A1B-4655-99B8-263C597C9B46}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{59E70D99-D611-4FEE-9F46-78D2E056F52D}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{25A1A261-74FB-4759-8C58-B8FEEF4F2DB3}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{4B033640-BE8E-4C76-80D0-22024AA8A65E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{9C8590CD-2507-4EBA-A47E-CFB2C5ECE1D2}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{8616C864-D97A-411C-A4B3-9C32F509F024}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6FFB8DE7-E621-4608-AFE2-5CE9BE83D14A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2F85E282-AD64-402A-9A24-FA6A377967FA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{9D8E9555-C41A-42FD-84F4-1D878F531B7A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{29E9320D-72F0-4D04-9108-4EA3482654E9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D30479D6-4566-4F39-8C9E-33A18FBC82C7}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{786AFBAA-FC4C-4C08-A36A-F4C12FFB67B3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F6DAC675-CD6B-4073-ACA2-CE926288324F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

05-11-2018 21:40:49 Windows Modules Installer

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/06/2018 09:44:26 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 2

Error: (11/06/2018 09:44:26 PM) (Source: DptfEvent) (EventID: 3) (User: )
Description: DptfPolicyLpmServiceHelper
CreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failed
Last error = [0x00000102]
Session ID = 2

Error: (11/06/2018 09:38:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Adéla)
Description: Aplikaci microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/06/2018 09:38:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Adéla)
Description: Aplikaci Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (11/06/2018 08:34:46 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/06/2018 08:33:02 PM) (Source: MsiInstaller) (EventID: 11704) (User: Adéla)
Description: Product: Skype™ 7.33 -- Error 1704. An installation for Podpora aplikací Apple (32bitová) is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?

Error: (11/06/2018 08:07:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SoftwareUpdate.exe, verze: 2.2.0.150, časové razítko: 0x56ccebd4
Název chybujícího modulu: aswAMSI.dll, verze: 18.7.4041.0, časové razítko: 0x5bbb5c57
Kód výjimky: 0xc0000005
Posun chyby: 0x00031cc9
ID chybujícího procesu: 0x2088
Čas spuštění chybující aplikace: 0x01d47603835a4f25
Cesta k chybující aplikaci: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\aswAMSI.dll
ID zprávy: 657e7e82-7839-4b80-8724-bba412b8f883
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/06/2018 07:39:16 PM) (Source: DptfEvent) (EventID: 2) (User: )
Description: DptfPolicyLpmServiceHelper
WinMain: CreateSharedMemory() failed.
Session ID = 1


System errors:
=============
Error: (11/06/2018 09:42:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/06/2018 09:39:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/06/2018 09:39:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/06/2018 09:39:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_12f9e9f byla ukončena s následující chybou:
Nespecifikovaná chyba

Error: (11/06/2018 09:38:42 PM) (Source: DCOM) (EventID: 10010) (User: Adéla)
Description: Server microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/06/2018 09:38:39 PM) (Source: DCOM) (EventID: 10010) (User: Adéla)
Description: Server Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/06/2018 09:17:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Garmin Device Interaction Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restart the service.

Error: (11/06/2018 08:34:20 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restart the service) po nečekaném ukončení služby Windows Installer, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.


CodeIntegrity:
===================================

Date: 2018-11-06 19:27:48.917
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-11-06 19:09:05.991
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-06 19:09:05.988
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-06 19:09:05.450
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-06 19:09:05.445
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-05 21:59:39.883
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-05 21:59:39.871
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-11-05 21:59:39.030
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3530 @ 2.16GHz
Percentage of memory in use: 55%
Total physical RAM: 3979.22 MB
Available physical RAM: 1759.39 MB
Total Virtual: 6411.22 MB
Available Virtual: 3774.2 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.92 GB) (Free:250.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.08 GB) NTFS

\\?\Volume{1e00458e-d5e1-474b-9671-670ab1a2abe5}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{392027f7-85f5-4edb-a611-df540d906e84}\ (PBR_DRV) (Fixed) (Total:12.5 GB) (Free:3.77 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: DD6C189E)

Partition: GPT.

==================== End of Addition.txt ============================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu

#2 Příspěvek od JaRon »

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>

Kód: Vybrat vše

Start
HKLM-x32\...\RunOnce: [RemoveSafeZoneBrowser] => C:\Users\ADLA~1\AppData\Local\Temp\removeSZB.exe [2781728 2018-11-06] () <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
BHO-x32: No Name -> {d9f16d8b-81b5-4667-af4d-25365bbf7fc9} -> No File
Toolbar: HKU\S-1-5-21-2661599344-1049831031-3761498453-1001 -> No Name - {F41A56D2-7B52-4D16-812C-A63C6CA9D4C5} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
2018-11-06 19:12 - 2018-11-06 19:07 - 002781728 _____ () C:\Users\Adéla\AppData\Local\Temp\removeSZB.exe
2018-11-06 20:07 - 2018-11-06 20:07 - 000534528 _____ () C:\Users\Adéla\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Task: {10C89677-E0C6-406E-8CC1-84EC24793FCE} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {125F7BCF-CDB1-4517-B4AA-BD99CC0BF311} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4DD32FDB-701E-4B22-9A7B-C9F471A4C054} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {50404756-E0AE-42AB-9D1B-0D832293AEA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {619CD49B-0431-4BCE-8ECA-480FCED12359} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {71464BA0-CF1A-4424-B0B2-C4009AEFC2D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7A7B3BCE-5937-4FFF-8980-DBADAEB4E0F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {82652949-0349-4567-A8FF-9237B4341B28} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {94B8D62D-5539-4901-8B66-509168A75F64} - \WPD\SqmUpload_S-1-5-21-2661599344-1049831031-3761498453-1001 -> No File <==== ATTENTION
Task: {ADE818D8-363C-4B20-B2EA-7131392691C3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AE29E482-9624-4147-9B0F-9182B5E5237C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B834AFCD-7F8D-4FA0-8EDF-CBE75A8C50E1} - System32\Tasks\SweetLabs App Platform => C:\Users\Adéla\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {D5015FDA-44F9-46F3-9A82-6D0FA3E99DF1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DD003464-D6F0-466B-931A-A32748AEA496} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION



EmptyTemp:
Reboot:
End
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

:arrow: Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

:arrow: Restart PC a dejte mi sem fixlog.txt
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

center25
Návštěvník
Návštěvník
Příspěvky: 61
Registrován: 06 úno 2008 20:56

Re: Prosím o kontrolu

#3 Příspěvek od center25 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 07.11.2018
Ran by Adéla (07-11-2018 22:29:57) Run:1
Running from C:\Users\Adéla\Desktop
Loaded Profiles: Adéla (Available Profiles: Adéla)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\RunOnce: [RemoveSafeZoneBrowser] => C:\Users\ADLA~1\AppData\Local\Temp\removeSZB.exe [2781728 2018-11-06] () <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
BHO-x32: No Name -> {d9f16d8b-81b5-4667-af4d-25365bbf7fc9} -> No File
Toolbar: HKU\S-1-5-21-2661599344-1049831031-3761498453-1001 -> No Name - {F41A56D2-7B52-4D16-812C-A63C6CA9D4C5} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File
2018-11-06 19:12 - 2018-11-06 19:07 - 002781728 _____ () C:\Users\Ad�la\AppData\Local\Temp\removeSZB.exe
2018-11-06 20:07 - 2018-11-06 20:07 - 000534528 _____ () C:\Users\Ad�la\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
Task: {10C89677-E0C6-406E-8CC1-84EC24793FCE} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {125F7BCF-CDB1-4517-B4AA-BD99CC0BF311} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4DD32FDB-701E-4B22-9A7B-C9F471A4C054} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {50404756-E0AE-42AB-9D1B-0D832293AEA4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {619CD49B-0431-4BCE-8ECA-480FCED12359} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {71464BA0-CF1A-4424-B0B2-C4009AEFC2D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7A7B3BCE-5937-4FFF-8980-DBADAEB4E0F6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {82652949-0349-4567-A8FF-9237B4341B28} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {94B8D62D-5539-4901-8B66-509168A75F64} - \WPD\SqmUpload_S-1-5-21-2661599344-1049831031-3761498453-1001 -> No File <==== ATTENTION
Task: {ADE818D8-363C-4B20-B2EA-7131392691C3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {AE29E482-9624-4147-9B0F-9182B5E5237C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B834AFCD-7F8D-4FA0-8EDF-CBE75A8C50E1} - System32\Tasks\SweetLabs App Platform => C:\Users\Ad�la\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2015-10-30] (Pokki)
Task: {D5015FDA-44F9-46F3-9A82-6D0FA3E99DF1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {DD003464-D6F0-466B-931A-A32748AEA496} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION



EmptyTemp:
Reboot:
End
*****************

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\RemoveSafeZoneBrowser" => not found
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d9f16d8b-81b5-4667-af4d-25365bbf7fc9} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{d9f16d8b-81b5-4667-af4d-25365bbf7fc9} => not found
"HKU\S-1-5-21-2661599344-1049831031-3761498453-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F41A56D2-7B52-4D16-812C-A63C6CA9D4C5}" => removed successfully
HKLM\Software\Classes\CLSID\{F41A56D2-7B52-4D16-812C-A63C6CA9D4C5} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\sacore => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt => removed successfully
HKLM\Software\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => not found
"C:\Users\Ad�la\AppData\Local\Temp\removeSZB.exe" => not found
"C:\Users\Ad�la\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10C89677-E0C6-406E-8CC1-84EC24793FCE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10C89677-E0C6-406E-8CC1-84EC24793FCE}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{125F7BCF-CDB1-4517-B4AA-BD99CC0BF311}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{125F7BCF-CDB1-4517-B4AA-BD99CC0BF311}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4DD32FDB-701E-4B22-9A7B-C9F471A4C054}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DD32FDB-701E-4B22-9A7B-C9F471A4C054}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{50404756-E0AE-42AB-9D1B-0D832293AEA4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{50404756-E0AE-42AB-9D1B-0D832293AEA4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{619CD49B-0431-4BCE-8ECA-480FCED12359}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{619CD49B-0431-4BCE-8ECA-480FCED12359}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{71464BA0-CF1A-4424-B0B2-C4009AEFC2D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{71464BA0-CF1A-4424-B0B2-C4009AEFC2D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A7B3BCE-5937-4FFF-8980-DBADAEB4E0F6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A7B3BCE-5937-4FFF-8980-DBADAEB4E0F6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{82652949-0349-4567-A8FF-9237B4341B28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{82652949-0349-4567-A8FF-9237B4341B28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94B8D62D-5539-4901-8B66-509168A75F64}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94B8D62D-5539-4901-8B66-509168A75F64}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2661599344-1049831031-3761498453-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ADE818D8-363C-4B20-B2EA-7131392691C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADE818D8-363C-4B20-B2EA-7131392691C3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE29E482-9624-4147-9B0F-9182B5E5237C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE29E482-9624-4147-9B0F-9182B5E5237C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B834AFCD-7F8D-4FA0-8EDF-CBE75A8C50E1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B834AFCD-7F8D-4FA0-8EDF-CBE75A8C50E1}" => removed successfully
C:\WINDOWS\System32\Tasks\SweetLabs App Platform => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D5015FDA-44F9-46F3-9A82-6D0FA3E99DF1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D5015FDA-44F9-46F3-9A82-6D0FA3E99DF1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD003464-D6F0-466B-931A-A32748AEA496}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD003464-D6F0-466B-931A-A32748AEA496}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 583648 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 135940151 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 1867215 B
Edge => 1044 B
Chrome => 117285838 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6976 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Adéla => 169380732 B

RecycleBin => 0 B
EmptyTemp: => 405.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:31:36 ====

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o kontrolu

#4 Příspěvek od JaRon »

fajn, vycisti PC s ADWCleanerom a napis, ci je nejaky problem ?
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět