Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Prosím o preventivní kontrolu

#1 Příspěvek od curt-xx »

Dobrý den,

prosím o preventivní kontrolu.

Předem moc děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pája at 2019-01-06 12:42:25
Microsoft Windows 8.1
System drive C: has 705 GB (77%) free of 911 GB
Total RAM: 7128 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:30, on 6. 1. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garmin\Express\express.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files\Lenovo\iMController\AutoUpdate.exe
C:\Program Files\trend micro\Pája.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11984 bytes

======Listing Processes======






wininit.exe
winlogon.exe


C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\windows\system32\svchost.exe -k NetworkService

C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\System32\lpksetup.exe -v
taskhostex.exe
"C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {D541F6F1-CCCA-413C-9102-10DFED1943A6}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\windows\system32\CxAudMsg64.exe
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
dashost.exe {ddd2cb0e-0b59-4fc0-b446ca39dcc0c198}
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-68c14d24-e9af-47fa-b074-452c6ae78e97 -SystemEventPortName:HostProcess-8daee4c1-5df2-4791-8580-a3f3693a269d -IoCancelEventPortName:HostProcess-d1500b67-3215-4c82-94e1-86eb73bc4a84 -NonStateChangingEventPortName:HostProcess-899984d1-6a02-4ebe-9e03-43fdb496d95f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:53b50480-78af-438a-9760-dcaa04c23cb3 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe" -quickstart
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --capture-python --no-identify-client-via-url --database=C:\Users\Pája\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=host_int_account1_boot=5711117040 --annotation=machine_id=5927a2f4-98df-4b92-b7da-541dd2387344 --annotation=platform=win --annotation=platform_version=8.1 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x6d0cdda4,0x6d0cddb4,0x6d0cddc4
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:d8edef98-818c-4e50-bbf6-c87a99ab7511 -target-handle:336 -target-shutdown-event:300 -target-restart-event:284 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:3.5.4 -method:collectupload -handler-pipe:\\.\pipe\crashpad_4660_WQLWBTCJHQCFDIHF
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart Start EEU 52 -1
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor

CefSharp.BrowserSubprocess.exe --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x9851 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.302.1601.1001 --gpu-driver-date=4-18-2014 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x666f --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --service-request-channel-token=CF3B3F65A810909D8CD9B153392516AE --mojo-platform-channel-handle=3676 /prefetch:2
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe" --type=renderer --enable-threaded-compositing --no-sandbox --disable-databases --lang=cs --dropbox-schemes=dbx-local --dropbox-cors --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4660.0.1872910683\904708322" /prefetch:673131151

C:\windows\system32\wbem\unsecapp.exe -Embedding
adb fork-server server
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Lenovo\iMController\AutoUpdate.exe"
wmiadap.exe /F /T /R
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Users\Pája\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-03-14 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2018-05-15 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-05-15 1744672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-12 2891592]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-11-28 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-11-28 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-11-28 10842096]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-06 261512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-28 49799184]
"GarminExpress"=C:\Program Files (x86)\Garmin\Express\express.exe [2018-11-28 30872640]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-28 19554936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"=C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [2018-12-20 8992976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-19 766688]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-12-13 4049216]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-06 261512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 1.1.0.lnk - C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-01-06 12:42:25 ----D---- C:\rsit
2019-01-06 12:42:25 ----D---- C:\Program Files\trend micro
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswbuniv.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswblog.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswbidsh.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswbidsdriver.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswArDisk.sys
2019-01-06 12:33:53 ----A---- C:\windows\system32\aswBoot.exe
2019-01-05 22:25:21 ----D---- C:\Program Files\CCleaner
2018-12-24 15:46:52 ----A---- C:\windows\system32\drivers\staport.sys
2018-12-22 10:30:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-12-22 10:30:24 ----A---- C:\windows\system32\jscript.dll
2018-12-16 21:28:36 ----A---- C:\windows\system32\mshtml.dll
2018-12-16 21:28:34 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-12-16 21:28:32 ----A---- C:\windows\system32\wmp.dll
2018-12-16 21:28:31 ----A---- C:\windows\SYSWOW64\wmp.dll
2018-12-16 21:28:29 ----A---- C:\windows\system32\ieframe.dll
2018-12-16 21:28:28 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-12-16 21:28:27 ----A---- C:\windows\system32\jscript9.dll
2018-12-16 21:28:26 ----A---- C:\windows\system32\win32k.sys
2018-12-16 21:28:25 ----A---- C:\windows\SYSWOW64\msxml6.dll
2018-12-16 21:28:25 ----A---- C:\windows\system32\msxml6.dll
2018-12-16 21:28:25 ----A---- C:\windows\system32\msxml3.dll
2018-12-16 21:28:24 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2018-12-16 21:28:24 ----A---- C:\windows\SYSWOW64\msxml3.dll
2018-12-16 21:28:24 ----A---- C:\windows\system32\Windows.Globalization.dll
2018-12-16 21:28:24 ----A---- C:\windows\system32\rpcrt4.dll
2018-12-16 21:28:24 ----A---- C:\windows\system32\GdiPlus.dll
2018-12-16 21:28:22 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-12-16 21:28:22 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-12-16 21:28:22 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2018-12-16 21:28:22 ----A---- C:\windows\system32\vbscript.dll
2018-12-16 21:28:22 ----A---- C:\windows\system32\ntoskrnl.exe
2018-12-16 21:28:21 ----A---- C:\windows\system32\gdi32.dll
2018-12-16 21:28:17 ----A---- C:\windows\system32\drivers\tm.sys
2018-12-16 21:28:07 ----A---- C:\windows\system32\t2embed.dll
2018-12-16 21:28:05 ----A---- C:\windows\SYSWOW64\t2embed.dll
2018-12-16 21:28:04 ----A---- C:\windows\system32\drivers\msrpc.sys
2018-12-16 21:28:02 ----A---- C:\windows\SYSWOW64\gdi32.dll
2018-12-16 21:27:51 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-12-16 21:27:48 ----A---- C:\windows\system32\wininet.dll
2018-12-16 21:27:46 ----A---- C:\windows\system32\urlmon.dll
2018-12-16 21:27:45 ----A---- C:\windows\system32\inetcomm.dll
2018-12-16 21:27:44 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-12-16 21:27:43 ----A---- C:\windows\system32\msfeeds.dll
2018-12-16 21:27:42 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2018-12-16 21:27:41 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-12-16 21:27:40 ----A---- C:\windows\system32\ieapfltr.dll
2018-12-16 21:27:39 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-12-16 21:27:38 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-12-16 21:27:37 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2018-12-16 21:27:37 ----A---- C:\windows\system32\GlobCollationHost.dll
2018-12-13 06:12:48 ----A---- C:\windows\system32\drivers\dbx-stable.sys
2018-12-13 06:12:48 ----A---- C:\windows\system32\drivers\dbx-dev.sys
2018-12-13 06:12:48 ----A---- C:\windows\system32\drivers\dbx-canary.sys
2018-12-13 06:12:48 ----A---- C:\windows\system32\DbxSvc.exe

======List of files/folders modified in the last 1 month======

2019-01-06 12:42:25 ----RD---- C:\Program Files
2019-01-06 12:42:13 ----D---- C:\windows\Temp
2019-01-06 12:42:13 ----D---- C:\windows\Prefetch
2019-01-06 12:39:54 ----D---- C:\windows\system32\config
2019-01-06 12:39:09 ----D---- C:\windows\SoftwareDistribution
2019-01-06 12:39:09 ----AD---- C:\Windows
2019-01-06 12:37:12 ----D---- C:\windows\WinSxS
2019-01-06 12:37:11 ----RD---- C:\Program Files (x86)
2019-01-06 12:37:11 ----D---- C:\windows\system32\drivers
2019-01-06 12:37:11 ----D---- C:\Program Files (x86)\Google
2019-01-06 12:37:10 ----D---- C:\ProgramData\Norton
2019-01-06 12:37:05 ----SHD---- C:\System Volume Information
2019-01-06 12:35:43 ----D---- C:\windows\system32\catroot
2019-01-06 12:35:14 ----D---- C:\windows\system32\Tasks
2019-01-06 12:33:53 ----RAD---- C:\windows\System32
2019-01-06 12:33:46 ----D---- C:\ProgramData\AVAST Software
2019-01-06 12:29:04 ----D---- C:\windows\Inf
2019-01-06 12:28:35 ----D---- C:\windows\AppReadiness
2019-01-06 12:26:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2019-01-06 12:25:06 ----SHD---- C:\windows\Installer
2019-01-06 12:25:04 ----D---- C:\Program Files (x86)\McAfee Safe Connect
2019-01-06 12:24:29 ----D---- C:\windows\system32\sru
2019-01-05 23:09:25 ----HD---- C:\ProgramData
2019-01-05 22:55:26 ----HD---- C:\windows\ELAMBKUP
2019-01-05 22:55:26 ----D---- C:\Program Files\Common Files
2019-01-05 22:28:20 ----D---- C:\windows\Panther
2019-01-05 22:28:18 ----D---- C:\windows\Logs
2019-01-05 22:28:18 ----D---- C:\windows\debug
2019-01-05 22:28:17 ----D---- C:\windows\Minidump
2019-01-04 14:43:04 ----D---- C:\windows\CbsTemp
2019-01-04 14:42:04 ----D---- C:\windows\SysWOW64
2019-01-04 14:41:17 ----D---- C:\windows\Microsoft.NET
2019-01-04 14:22:01 ----D---- C:\ProgramData\LU
2018-12-22 11:26:45 ----D---- C:\windows\rescache
2018-12-22 10:24:28 ----D---- C:\windows\system32\MRT
2018-12-22 10:17:49 ----AC---- C:\windows\system32\MRT.exe
2018-12-19 12:48:15 ----D---- C:\windows\system32\DriverStore
2018-12-19 12:43:28 ----D---- C:\windows\SYSWOW64\en-US
2018-12-19 12:43:28 ----D---- C:\windows\SYSWOW64\cs-CZ
2018-12-19 12:43:27 ----D---- C:\windows\system32\en-US
2018-12-19 12:43:27 ----D---- C:\windows\system32\cs-CZ
2018-12-17 15:32:20 ----RSD---- C:\windows\assembly
2018-12-17 15:31:33 ----D---- C:\ProgramData\Microsoft Help
2018-12-17 15:29:07 ----A---- C:\windows\win.ini
2018-12-17 15:27:43 ----D---- C:\windows\system32\catroot2
2018-12-16 20:38:08 ----D---- C:\Program Files (x86)\Dropbox
2018-12-10 23:04:09 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-12-12 36608]
R0 amdpsp;@oem62.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\windows\system32\DRIVERS\amdpsp.sys [2017-06-12 243048]
R0 aswArDisk;aswArDisk; C:\windows\system32\drivers\aswArDisk.sys [2019-01-06 37304]
R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsh.sys [2019-01-06 196264]
R0 aswblog;aswblog; C:\windows\system32\drivers\aswblog.sys [2019-01-06 320888]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniv.sys [2019-01-06 58160]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2019-01-06 88144]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2019-01-06 380144]
R0 BTATH_BUS;@oem10.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2014-02-26 35016]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2019-01-06 203488]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdriver.sys [2019-01-06 220688]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2019-01-06 239808]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2019-01-06 42488]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2019-01-06 111992]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2019-01-06 1034056]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2019-01-06 474648]
R2 APXACC;@oem6.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2019-01-06 166472]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2019-01-06 218056]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 ACPIVPC;@oem36.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-28 35576]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-04-19 13269504]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-04-19 625152]
R3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2014-03-07 3892224]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-12 222720]
R3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem17.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem19.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-28 1474240]
R3 ETD;@oem9.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-11 377608]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem25.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
S1 deikbbou;deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys []
S3 aftap0901;@oem44.inf,%DeviceDescription%;AnchorFree TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\aftap0901.sys [2018-03-06 48624]
S3 amdkmcsp;@oem62.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\windows\system32\DRIVERS\amdkmcsp.sys [2017-06-12 101232]
S3 aswHwid;aswHwid; C:\windows\system32\drivers\aswHwid.sys [2019-01-06 46584]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 dg_ssudbus;@oem5.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 grmnusb;grmnusb; C:\windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 ldiagio_uefi;ldiagio; \??\C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [2015-12-22 25248]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS []
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RSUSBVSTOR;@oem16.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 ssudmdm;@oem63.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-04-19 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-19 344064]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-01-06 357816]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2018-12-13 51024]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-28 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-11-28 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-25 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-11-28 67856]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-01-06 7834368]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 107848]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 107848]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-08-24 273232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 160960]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-11-28 308720]

-----------------EOF-----------------

curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o preventivní kontrolu

#2 Příspěvek od curt-xx »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
Ran by Pája (administrator) on LENOVIK (06-01-2019 12:43:49)
Running from C:\Users\Pája\Desktop
Loaded Profiles: Pája (Available Profiles: Pája)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Pokki) C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
() C:\Users\Pája\Desktop\RSITx64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2014-02-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-28] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4049216 2018-12-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\RunOnce: [Application Restart #3] => C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\MountPoints2: {862d4998-d387-11e4-8264-acb57daeec0e} - "F:\LaunchU3.exe" -a
HKLM\...\Drivers32-x32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2014-10-29] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2014-10-29] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-11-28] ()
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 1.1.0.lnk [2015-03-22]
ShortcutTarget: OpenOffice.org 1.1.0.lnk -> C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{919F770A-BB88-4F92-BBD3-908315F5233B}: [DhcpNameServer] 150.209.1.3
Tcpip\..\Interfaces\{EC69B7E1-3AC6-4622-9CDB-5AFB221405D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> DefaultScope {A7367628-0795-4135-885F-D89E7826F88E} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> {A7367628-0795-4135-885F-D89E7826F88E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"

CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default [2019-01-06]
CHR Extension: (Slides) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (Google Search) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2018-09-23]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-31]
CHR Extension: (Sheets) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-29]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-06-14]
CHR Extension: (Skype) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-20]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2017-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-01]
CHR Extension: (Gmail) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKU\S-1-5-21-2296160937-1354267295-71492202-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2018-12-13] (Dropbox, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-28] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-11-28] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
S3 amdkmcsp; C:\windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-06] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [166472 2019-01-06] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [25248 2015-12-22] (Lenovo Group Limited (R))
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-06 12:43 - 2019-01-06 12:44 - 000022912 _____ C:\Users\Pája\Desktop\FRST.txt
2019-01-06 12:43 - 2019-01-06 12:43 - 000000000 ____D C:\FRST
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\rsit
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-01-06 12:34 - 2019-01-06 12:33 - 000037304 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000320888 _____ (AVAST Software) C:\windows\system32\Drivers\aswblog.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000220688 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000196264 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000058160 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-01-06 12:33 - 2019-01-06 12:33 - 000361352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 002426368 _____ (Farbar) C:\Users\Pája\Desktop\FRST64.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ C:\Users\Pája\Desktop\RSITx64.exe
2019-01-05 22:25 - 2019-01-05 22:25 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2019-01-05 22:25 - 2019-01-05 22:25 - 000002804 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-01-05 22:25 - 2019-01-05 22:25 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\Program Files\CCleaner
2019-01-04 21:40 - 2019-01-05 22:55 - 000000000 ____D C:\windows\System32\Tasks\Remediation
2018-12-24 15:46 - 2018-12-24 15:46 - 000052328 _____ () C:\windows\system32\Drivers\staport.sys
2018-12-24 15:43 - 2018-12-24 15:43 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-12-23 09:51 - 2018-12-23 09:55 - 000000000 ____D C:\Users\Pája\Desktop\Kosátko
2018-12-23 09:32 - 2018-12-23 09:34 - 000000000 ____D C:\Users\Pája\Desktop\flash 201812
2018-12-22 10:30 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-12-22 10:30 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-12-17 14:58 - 2018-12-17 22:04 - 001649061 _____ C:\Users\Pája\Downloads\Kosík_3.xlsx
2018-12-17 14:58 - 2018-12-17 14:58 - 000000165 ____H C:\Users\Pája\Downloads\~$Kosík_3.xlsx
2018-12-16 21:28 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-12-16 21:28 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2018-12-16 21:28 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2018-12-16 21:28 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-12-16 21:28 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-12-16 21:28 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-12-16 21:28 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-12-16 21:28 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-12-16 21:28 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-12-16 21:28 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-12-16 21:28 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-12-16 21:28 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-12-16 21:28 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2018-12-16 21:28 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-12-16 21:28 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-12-16 21:28 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-12-16 21:28 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-12-16 21:28 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-12-16 21:28 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-12-16 21:28 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-12-16 21:28 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-12-16 21:28 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-12-16 21:28 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-12-16 21:28 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\SysWOW64\locale.nls
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\system32\locale.nls
2018-12-16 21:27 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-12-16 21:27 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-12-16 21:27 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-12-16 21:27 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2018-12-16 21:27 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2018-12-16 20:37 - 2018-12-16 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-13 06:12 - 2018-12-13 06:12 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2018-12-08 12:52 - 2018-12-08 12:52 - 000101957 _____ C:\Users\Pája\Downloads\particka.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-06 12:43 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\SweetLabs App Platform
2019-01-06 12:42 - 2015-03-05 07:59 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2296160937-1354267295-71492202-1002
2019-01-06 12:39 - 2017-01-22 15:37 - 000050176 ___SH C:\Users\Pája\Desktop\Thumbs.db
2019-01-06 12:39 - 2016-10-02 16:08 - 000000000 ___RD C:\Users\Pája\Dropbox
2019-01-06 12:37 - 2016-10-02 16:04 - 000000916 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files\Google
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-06 12:37 - 2015-03-29 20:51 - 000000000 ____D C:\ProgramData\Norton
2019-01-06 12:37 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-01-06 12:36 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2019-01-06 12:35 - 2018-06-06 08:08 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-01-06 12:35 - 2014-11-28 05:25 - 000004608 _____ C:\windows\system32\VfService.trf
2019-01-06 12:33 - 2018-10-23 17:50 - 000042488 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000474648 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000380144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000239808 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000218056 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000203488 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000166472 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000111992 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000088144 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000046584 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2019-01-06 12:33 - 2018-06-06 08:03 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-06 12:32 - 2018-06-06 08:07 - 001034056 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-01-06 12:29 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2019-01-06 12:28 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\Packages
2019-01-06 12:28 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2019-01-06 12:26 - 2014-11-28 05:23 - 000734494 _____ C:\windows\system32\perfh005.dat
2019-01-06 12:26 - 2014-11-28 05:23 - 000148824 _____ C:\windows\system32\perfc005.dat
2019-01-06 12:26 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2019-01-06 12:25 - 2018-10-23 18:00 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2019-01-06 12:25 - 2015-03-05 07:57 - 000003918 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A4127C0C-E430-420C-98E4-4677B5D74F72}
2019-01-05 23:09 - 2016-02-21 19:23 - 000000000 ____D C:\Users\Pája\AppData\Local\Google
2019-01-05 22:55 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2019-01-05 22:55 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2019-01-05 22:34 - 2018-06-06 08:13 - 000000000 ____D C:\Users\Pája\AppData\Local\AVAST Software
2019-01-05 22:28 - 2015-09-11 00:04 - 000000000 ____D C:\windows\Minidump
2019-01-05 22:28 - 2015-03-27 21:02 - 000000000 ____D C:\Users\Pája\AppData\Local\CrashDumps
2019-01-05 22:28 - 2014-04-03 20:15 - 000000000 ____D C:\windows\Panther
2019-01-05 22:26 - 2015-03-29 21:39 - 000528896 ___SH C:\Users\Pája\Downloads\Thumbs.db
2019-01-04 22:49 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája
2019-01-04 22:16 - 2016-10-02 16:04 - 000000920 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-04 14:43 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2019-01-04 14:22 - 2014-11-28 05:39 - 000000000 ____D C:\ProgramData\LU
2019-01-04 14:21 - 2015-06-28 11:25 - 000001279 _____ C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2019-01-04 14:20 - 2016-02-21 19:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-24 15:46 - 2018-06-06 08:11 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-12-22 11:26 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2018-12-22 10:24 - 2015-03-11 23:32 - 000000000 ____D C:\windows\system32\MRT
2018-12-22 10:17 - 2015-03-11 23:32 - 137260640 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-12-22 10:08 - 2015-12-06 23:37 - 000002444 _____ C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2018-12-22 10:06 - 2016-02-21 19:23 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-22 10:06 - 2016-02-21 19:23 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-22 10:06 - 2015-12-13 23:17 - 000003296 _____ C:\windows\System32\Tasks\SweetLabs App Platform
2018-12-19 12:47 - 2013-08-22 15:44 - 000501992 _____ C:\windows\system32\FNTCACHE.DAT
2018-12-17 15:32 - 2015-10-11 20:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-12-17 15:29 - 2013-08-22 14:25 - 000000188 _____ C:\windows\win.ini
2018-12-16 20:53 - 2016-02-21 19:24 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-16 20:53 - 2016-02-21 19:24 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-16 20:38 - 2016-10-02 16:04 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-10 23:04 - 2015-03-29 20:43 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-22 11:02 - 2015-03-22 11:02 - 000000091 _____ () C:\Users\Pája\AppData\Roaming\sversion.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-04 14:41

==================== End of FRST.txt ============================

curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o preventivní kontrolu

#3 Příspěvek od curt-xx »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Pája (06-01-2019 12:45:23)
Running from C:\Users\Pája\Desktop
Windows 8.1 (Update) (X64) (2015-03-05 06:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2296160937-1354267295-71492202-500 - Administrator - Disabled)
Guest (S-1-5-21-2296160937-1354267295-71492202-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2296160937-1354267295-71492202-1004 - Limited - Enabled)
Pája (S-1-5-21-2296160937-1354267295-71492202-1002 - Administrator - Enabled) => C:\Users\Pája

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{665D4B18-EA91-BE16-3212-218C63F5DC4E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.8.0 - AppEx Networks)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.52 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Host App Service (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\SweetLabs_AP) (Version: 0.269.8.718 - Pokki) <==== ATTENTION
Image Studio Lite 5.2 (HKLM\...\Image Studio Lite_is1) (Version: 5.2.5 - LI-COR, Inc.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.36.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Mendeley Desktop 1.13.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.13.4 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{27710125-9C94-0EEE-7A40-39C60DFF7ECA}_is1) (Version: for Windows - )
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{C5EBDB82-27D7-857C-D956-2955F2F463D8}_is1) (Version: for Windows - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice.org 1.1.0 (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\OpenOffice.org 1.1.0) (Version: 1.1.0 - Sun Microsystems, Inc. for the OpenOffice.org-Community)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Start Menu (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\SweetLabs_Start_Menu) (Version: 0.269.8.718 - Pokki)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001C0A50-B78A-41EB-AAB6-90A2C42DC9E0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-23] (AVAST Software)
Task: {09F3A657-8465-4CCF-B84F-E0E24D6F566F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {0F7F2CCA-99AB-460F-94CB-661FE7970A80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {24C19A5F-DB50-4252-8BA4-38B58DFA098D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {2E7ED8E2-EAEC-4B9A-BB60-B6E0B9B2B986} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3191FC82-130C-4291-A8A6-7D1FC176827C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {3363AB4C-CCD0-47EB-9869-AFF314AAEBF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {65F9FFA1-B6B0-4996-8E1B-77A0E3394B83} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6953C01F-8746-45BC-95B8-E719D3FD94F8} - System32\Tasks\SweetLabs App Platform => C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2018-12-20] (Pokki)
Task: {69B54E35-E81E-41CD-8749-1ECD91BACCDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {71DC6258-DE8F-4126-9DA7-2FAE7AA559A4} - System32\Tasks\{C44BFDFE-5BB3-4750-AD4D-76A99B22868E} => c:\program files (x86)\avast software\browser\application\avastbrowser.exe
Task: {762E607F-18EF-4716-90AD-3DEAF05AD2B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {76810D45-A05E-48FD-9989-EA1B59802BC1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {842DDCD8-67D5-4224-862F-B2D47550D5AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {842F41F0-CC4F-480C-8292-2ACC5A2CC013} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)
Task: {878EAE75-5104-4D74-9862-FB797EA8BB31} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {9DF04557-035A-4B46-8377-7E49DCAA0F88} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {A91B072E-3A28-4A98-B2F0-89CC6726A411} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {AFE0C5E0-33C9-46DA-A03C-4E97FF6749A5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-11-28] ()
Task: {B417B4A0-FC95-495C-BC30-8765672825D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {B5E5F1C5-9A31-4665-B14E-80DBE84D418A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {C4F1D9F4-F47D-4E67-BC51-E6DF188EF864} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {E40D9130-F145-4FFA-8B13-C99BF3E745B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {FACB164D-1347-45A0-A8D1-65407CDCF3E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {FDA7A9B1-F138-47DE-ABC1-4C2F03756CA2} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {FF359F9B-F57D-4A46-97E3-79B08B4BA48C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-02-20 08:01 - 2015-02-20 08:01 - 000022528 _____ () C:\windows\System32\us001lm.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-11-28 05:21 - 2012-04-25 03:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-02-26 07:14 - 2014-02-26 07:14 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 07:11 - 2014-02-26 07:11 - 000086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-11-28 04:46 - 2010-10-26 21:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-02-26 07:17 - 2014-02-26 07:17 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-26 21:50 - 2014-11-28 05:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-11-28 05:25 - 2014-11-28 05:25 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ () C:\Users\Pája\Desktop\RSITx64.exe
2017-04-18 04:45 - 2017-04-18 04:45 - 001227264 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 067109376 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2003-10-06 01:10 - 2003-10-06 01:10 - 008470528 _____ () C:\Program Files (x86)\OpenOffice.org1.1.0\program\icudt22l.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-08 22:13 - 2018-12-13 06:12 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-12-16 20:37 - 2018-12-13 06:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:14 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 011727696 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-08 22:13 - 2018-12-13 06:16 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-16 20:37 - 2018-12-13 06:15 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2017-04-18 04:45 - 2017-04-18 04:45 - 000808960 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 002246144 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 000079360 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 044778704 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\libPokki.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 001413856 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 000164064 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 000235744 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attributes [264]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\ESR ve článcích.xlsx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\graphical abstract.pptx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\Progress report 2015.pdf:com.dropbox.attributes [242]
AlternateDataStreams: C:\Users\Pája\Documents\ESR ve článcích..xlsx:com.dropbox.attributes [256]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 09:37 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB2202A0-6F50-4FC0-B92C-91CA74B40973}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{D5462924-8768-4332-B568-2CE9030B2AEA}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{ED6E2FA2-B544-4982-8537-F6B54EFABBEF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{F2C5BF95-5DF0-411B-8A76-4EF489660ACE}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{17652394-3A18-45D8-80ED-585E8A8FA7DB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{04D06923-D298-47E6-A51D-1DE4DF899D3A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp.)
FirewallRules: [{4FF65943-C0BB-486D-8DF4-BFA4956B392B}] => (Allow) LPort=55100
FirewallRules: [{D976B529-AD82-4730-99A0-C81689C38C30}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo)
FirewallRules: [{D1ED99F8-5891-4A6A-8D40-09DCFFF05A80}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{595D84B2-DD66-476C-9C60-386EE13E6FA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{8A212669-46F5-4530-92AF-0E2E1B9723EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{972AF5F4-B40C-4CAB-9B05-8EBB5E82A691}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{E04CBB3C-59F3-48BA-AECC-65016FA3C3CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{5E56B3A0-5069-472B-B786-CE70962B0019}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{397A5955-EEEF-40EF-830A-774D4475C0F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{0300FF29-0992-4BA8-BD90-FE63B1A5ABF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{FDFF3C38-C82D-4142-A65A-2098AD33CE45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{49C87F97-F265-4C17-BCE4-F9C4E6F92AE7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{2F4CE46F-FF8E-4979-8E05-914B581565AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{D54650BB-9DEB-4C64-A189-126E498F01F4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{6D2F26F6-D0D7-4D88-8E96-54764E108D82}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{19C80DB7-A9D9-4490-A7D2-1BF0C4053322}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{E48B64DD-E2FF-4837-B28F-63FD7FDE9F54}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{D9CC2362-9666-4744-BC82-234F40A034BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{C0D9A4C7-8BD4-44B9-83F0-96088624219E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A9BC7018-9E67-4E0B-8F27-B4CE77C39685}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{48EEEBC1-9282-4D1F-BDA8-9233B277F895}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{74F35348-75C2-4178-A4D1-F16F3E22ED2D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

17-12-2018 15:16:36 Windows Update
22-12-2018 10:16:38 Windows Update
04-01-2019 14:41:24 Windows Update
06-01-2019 12:23:21 Removed McAfee Safe Connect

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2019 12:28:58 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (4100) WebCacheLocal: An attempt to open the file "C:\Users\Pája\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avastm) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avast) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:22:13 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).


System errors:
=============
Error: (01/05/2019 11:12:35 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/04/2019 03:07:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows8_OS.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000032117. The name of the file is "<unable to determine file name>".

Error: (01/04/2019 03:06:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows8_OS.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000005642d. The name of the file is "<unable to determine file name>".

Error: (01/04/2019 02:42:03 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/04/2019 02:41:33 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/04/2019 09:34:37 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:17:02 on ‎31. ‎12. ‎2018 was unexpected.

Error: (12/31/2018 09:16:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.

Error: (12/24/2018 03:43:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Run the configured recovery program.


Windows Defender:
===================================
Date: 2018-09-15 21:08:02.838
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {60B3DF77-3A9C-4FBC-9C50-D8F4830DF7BF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 21:00:38.542
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {760F0CCF-9CA1-4D02-8E0A-D7D1C9416A75}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:58:37.059
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8EE771B3-2648-4AB3-B868-46A5422D97A1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 09:46:10.566
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8B045A70-DE0F-44F7-91D0-FE091FE38EF8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 04:20:51.586
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {44849852-4FD2-4AE8-9D2F-D344165FF8F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:37:05.842
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2018-09-15 19:37:04.235
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Date: 2018-09-15 19:35:20.184
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.

CodeIntegrity:
===================================

Date: 2018-09-06 04:20:54.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 14:19:36.171
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 09:33:11.644
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 30%
Total physical RAM: 7128.26 MB
Available physical RAM: 4929.43 MB
Total Virtual: 8280.26 MB
Available Virtual: 6233.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.06 GB) (Free:687.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.96 GB) NTFS
Drive e: (Pavla_DVD1) (CDROM) (Total:3.82 GB) (Free:0 GB) UDF

\\?\Volume{8d6ddfd7-1708-4de8-b05e-d3e821b2e0ba}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{6a012311-1a48-46c0-82c3-7b5a3e420d30}\ (PBR_DRV) (Fixed) (Total:14.12 GB) (Free:4.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A9F4670)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#4 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o preventivní kontrolu

#5 Příspěvek od curt-xx »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-07-2019
# Duration: 00:00:03
# OS: Windows 8.1
# Cleaned: 18
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Not Deleted C:\Users\Pája\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6953C01F-8746-45BC-95B8-E719D3FD94F8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2910 octets] - [07/01/2019 18:29:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#6 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o preventivní kontrolu

#7 Příspěvek od curt-xx »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019
Ran by Pája (administrator) on LENOVIK (09-01-2019 19:36:06)
Running from C:\Users\Pája\Desktop
Loaded Profiles: Pája (Available Profiles: Pája)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google) C:\Users\Pája\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe
(Google) C:\Users\Pája\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe
(Google) C:\Users\Pája\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2014-02-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-28] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4049216 2018-12-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\RunOnce: [Application Restart #3] => C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\MountPoints2: {862d4998-d387-11e4-8264-acb57daeec0e} - "F:\LaunchU3.exe" -a
HKLM\...\Drivers32-x32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-11-28] ()
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 1.1.0.lnk [2015-03-22]
ShortcutTarget: OpenOffice.org 1.1.0.lnk -> C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{919F770A-BB88-4F92-BBD3-908315F5233B}: [DhcpNameServer] 150.209.1.3
Tcpip\..\Interfaces\{EC69B7E1-3AC6-4622-9CDB-5AFB221405D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> DefaultScope {A7367628-0795-4135-885F-D89E7826F88E} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> {A7367628-0795-4135-885F-D89E7826F88E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-12-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default [2019-01-09]
CHR Extension: (Slides) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (Google Search) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2018-09-23]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-31]
CHR Extension: (Sheets) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-29]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-06-14]
CHR Extension: (Skype) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-20]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2017-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-01]
CHR Extension: (Gmail) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKU\S-1-5-21-2296160937-1354267295-71492202-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2018-12-13] (Dropbox, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-28] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-11-28] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
S3 amdkmcsp; C:\windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-06] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [166472 2019-01-06] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [25248 2015-12-22] (Lenovo Group Limited (R))
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-09 19:35 - 2019-01-09 19:35 - 000000000 ____D C:\Users\Pája\Desktop\FRST-OlderVersion
2019-01-07 18:39 - 2019-01-07 18:39 - 000362491 _____ C:\Users\Pája\Downloads\optimalni_nastaveni_elektronickych_vypisu.pdf
2019-01-07 18:39 - 2019-01-07 18:39 - 000088251 _____ C:\Users\Pája\Downloads\CSP_CCR_12_81_0012108854_20181227.PDF
2019-01-07 18:29 - 2019-01-07 18:30 - 000000000 ____D C:\AdwCleaner
2019-01-07 18:27 - 2019-01-07 18:28 - 007320272 _____ (Malwarebytes) C:\Users\Pája\Desktop\adwcleaner_7.2.6.0.exe
2019-01-07 13:07 - 2019-01-07 13:07 - 000167073 _____ C:\Users\Pája\Desktop\Kosík_3_kos.xlsx
2019-01-07 13:02 - 2019-01-07 13:02 - 000169020 _____ C:\Users\Pája\Downloads\Kosík_3 (1).xlsx
2019-01-06 18:35 - 2019-01-06 18:35 - 940821296 _____ C:\windows\MEMORY.DMP
2019-01-06 18:35 - 2019-01-06 18:35 - 000281584 _____ C:\windows\Minidump\010619-23250-01.dmp
2019-01-06 12:45 - 2019-01-06 12:45 - 000055936 _____ C:\Users\Pája\Desktop\Addition.txt
2019-01-06 12:43 - 2019-01-09 19:36 - 000022472 _____ C:\Users\Pája\Desktop\FRST.txt
2019-01-06 12:43 - 2019-01-09 19:36 - 000000000 ____D C:\FRST
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\rsit
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-01-06 12:34 - 2019-01-06 12:33 - 000037304 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000320888 _____ (AVAST Software) C:\windows\system32\Drivers\aswblog.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000220688 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000196264 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000058160 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-01-06 12:33 - 2019-01-06 12:33 - 000361352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-01-06 12:27 - 2019-01-09 19:35 - 002425344 _____ (Farbar) C:\Users\Pája\Desktop\FRST64.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ C:\Users\Pája\Desktop\RSITx64.exe
2019-01-05 22:25 - 2019-01-05 22:25 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2019-01-05 22:25 - 2019-01-05 22:25 - 000002804 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-01-05 22:25 - 2019-01-05 22:25 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\Program Files\CCleaner
2019-01-04 21:40 - 2019-01-05 22:55 - 000000000 ____D C:\windows\System32\Tasks\Remediation
2018-12-24 15:46 - 2018-12-24 15:46 - 000052328 _____ () C:\windows\system32\Drivers\staport.sys
2018-12-24 15:43 - 2018-12-24 15:43 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-12-23 09:51 - 2018-12-23 09:55 - 000000000 ____D C:\Users\Pája\Desktop\Kosátko
2018-12-23 09:32 - 2018-12-23 09:34 - 000000000 ____D C:\Users\Pája\Desktop\flash 201812
2018-12-22 10:30 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-12-22 10:30 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-12-17 14:58 - 2018-12-17 22:04 - 001649061 _____ C:\Users\Pája\Downloads\Kosík_3.xlsx
2018-12-17 14:58 - 2018-12-17 14:58 - 000000165 ____H C:\Users\Pája\Downloads\~$Kosík_3.xlsx
2018-12-16 21:28 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-12-16 21:28 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2018-12-16 21:28 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2018-12-16 21:28 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-12-16 21:28 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-12-16 21:28 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-12-16 21:28 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-12-16 21:28 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-12-16 21:28 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-12-16 21:28 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-12-16 21:28 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-12-16 21:28 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-12-16 21:28 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2018-12-16 21:28 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-12-16 21:28 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-12-16 21:28 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-12-16 21:28 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-12-16 21:28 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-12-16 21:28 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-12-16 21:28 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-12-16 21:28 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-12-16 21:28 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-12-16 21:28 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-12-16 21:28 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\SysWOW64\locale.nls
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\system32\locale.nls
2018-12-16 21:27 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-12-16 21:27 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-12-16 21:27 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-12-16 21:27 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2018-12-16 21:27 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2018-12-16 20:37 - 2018-12-16 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-13 06:12 - 2018-12-13 06:12 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-09 19:16 - 2016-10-02 16:04 - 000000920 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-09 19:09 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2019-01-09 19:07 - 2015-03-05 07:59 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2296160937-1354267295-71492202-1002
2019-01-09 19:02 - 2015-10-11 20:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-01-09 18:50 - 2015-03-05 07:57 - 000003918 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A4127C0C-E430-420C-98E4-4677B5D74F72}
2019-01-09 18:49 - 2014-11-28 05:23 - 000734494 _____ C:\windows\system32\perfh005.dat
2019-01-09 18:49 - 2014-11-28 05:23 - 000148824 _____ C:\windows\system32\perfc005.dat
2019-01-09 18:49 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2019-01-09 18:49 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2019-01-09 18:48 - 2016-10-02 16:08 - 000000000 ___RD C:\Users\Pája\Dropbox
2019-01-09 18:47 - 2016-10-02 16:04 - 000000916 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-07 18:41 - 2015-06-28 11:25 - 000001279 _____ C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2019-01-07 18:41 - 2014-11-28 05:39 - 000000000 ____D C:\ProgramData\LU
2019-01-07 18:31 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-01-07 18:30 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája
2019-01-07 18:30 - 2014-11-28 05:25 - 000004608 _____ C:\windows\system32\VfService.trf
2019-01-07 13:02 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\Packages
2019-01-07 12:56 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\SweetLabs App Platform
2019-01-06 18:35 - 2015-09-11 00:04 - 000000000 ____D C:\windows\Minidump
2019-01-06 15:25 - 2017-01-22 15:37 - 000050176 ___SH C:\Users\Pája\Desktop\Thumbs.db
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files\Google
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-06 12:37 - 2015-03-29 20:51 - 000000000 ____D C:\ProgramData\Norton
2019-01-06 12:36 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2019-01-06 12:35 - 2018-06-06 08:08 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-01-06 12:33 - 2018-10-23 17:50 - 000042488 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000474648 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000380144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000239808 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000218056 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000203488 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000166472 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000111992 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000088144 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000046584 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2019-01-06 12:33 - 2018-06-06 08:03 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-06 12:32 - 2018-06-06 08:07 - 001034056 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-01-06 12:28 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2019-01-06 12:25 - 2018-10-23 18:00 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2019-01-05 23:09 - 2016-02-21 19:23 - 000000000 ____D C:\Users\Pája\AppData\Local\Google
2019-01-05 22:55 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2019-01-05 22:55 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2019-01-05 22:34 - 2018-06-06 08:13 - 000000000 ____D C:\Users\Pája\AppData\Local\AVAST Software
2019-01-05 22:28 - 2015-03-27 21:02 - 000000000 ____D C:\Users\Pája\AppData\Local\CrashDumps
2019-01-05 22:28 - 2014-04-03 20:15 - 000000000 ____D C:\windows\Panther
2019-01-05 22:26 - 2015-03-29 21:39 - 000528896 ___SH C:\Users\Pája\Downloads\Thumbs.db
2019-01-04 14:20 - 2016-02-21 19:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-24 15:46 - 2018-06-06 08:11 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-12-22 11:26 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2018-12-22 10:24 - 2015-03-11 23:32 - 000000000 ____D C:\windows\system32\MRT
2018-12-22 10:17 - 2015-03-11 23:32 - 137260640 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-12-22 10:06 - 2016-02-21 19:23 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-22 10:06 - 2016-02-21 19:23 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 12:47 - 2013-08-22 15:44 - 000501992 _____ C:\windows\system32\FNTCACHE.DAT
2018-12-17 15:29 - 2013-08-22 14:25 - 000000188 _____ C:\windows\win.ini
2018-12-16 20:53 - 2016-02-21 19:24 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-16 20:53 - 2016-02-21 19:24 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-16 20:38 - 2016-10-02 16:04 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-10 23:04 - 2015-03-29 20:43 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-22 11:02 - 2015-03-22 11:02 - 000000091 _____ () C:\Users\Pája\AppData\Roaming\sversion.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-04 14:41

==================== End of FRST.txt ============================

curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o preventivní kontrolu

#8 Příspěvek od curt-xx »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019
Ran by Pája (09-01-2019 19:37:12)
Running from C:\Users\Pája\Desktop
Windows 8.1 (Update) (X64) (2015-03-05 06:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2296160937-1354267295-71492202-500 - Administrator - Disabled)
Guest (S-1-5-21-2296160937-1354267295-71492202-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2296160937-1354267295-71492202-1004 - Limited - Enabled)
Pája (S-1-5-21-2296160937-1354267295-71492202-1002 - Administrator - Enabled) => C:\Users\Pája

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{665D4B18-EA91-BE16-3212-218C63F5DC4E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.8.0 - AppEx Networks)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.52 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Image Studio Lite 5.2 (HKLM\...\Image Studio Lite_is1) (Version: 5.2.5 - LI-COR, Inc.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.36.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Mendeley Desktop 1.13.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.13.4 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{27710125-9C94-0EEE-7A40-39C60DFF7ECA}_is1) (Version: for Windows - )
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{C5EBDB82-27D7-857C-D956-2955F2F463D8}_is1) (Version: for Windows - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice.org 1.1.0 (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\OpenOffice.org 1.1.0) (Version: 1.1.0 - Sun Microsystems, Inc. for the OpenOffice.org-Community)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001C0A50-B78A-41EB-AAB6-90A2C42DC9E0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-23] (AVAST Software)
Task: {09F3A657-8465-4CCF-B84F-E0E24D6F566F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {0F7F2CCA-99AB-460F-94CB-661FE7970A80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {24C19A5F-DB50-4252-8BA4-38B58DFA098D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {2E7ED8E2-EAEC-4B9A-BB60-B6E0B9B2B986} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3191FC82-130C-4291-A8A6-7D1FC176827C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {3363AB4C-CCD0-47EB-9869-AFF314AAEBF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {65F9FFA1-B6B0-4996-8E1B-77A0E3394B83} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {69B54E35-E81E-41CD-8749-1ECD91BACCDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {71DC6258-DE8F-4126-9DA7-2FAE7AA559A4} - System32\Tasks\{C44BFDFE-5BB3-4750-AD4D-76A99B22868E} => c:\program files (x86)\avast software\browser\application\avastbrowser.exe
Task: {762E607F-18EF-4716-90AD-3DEAF05AD2B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {76810D45-A05E-48FD-9989-EA1B59802BC1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {842DDCD8-67D5-4224-862F-B2D47550D5AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {842F41F0-CC4F-480C-8292-2ACC5A2CC013} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)
Task: {878EAE75-5104-4D74-9862-FB797EA8BB31} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {9DF04557-035A-4B46-8377-7E49DCAA0F88} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {A91B072E-3A28-4A98-B2F0-89CC6726A411} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {AFE0C5E0-33C9-46DA-A03C-4E97FF6749A5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-11-28] ()
Task: {B417B4A0-FC95-495C-BC30-8765672825D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {B5E5F1C5-9A31-4665-B14E-80DBE84D418A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {C4F1D9F4-F47D-4E67-BC51-E6DF188EF864} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {E40D9130-F145-4FFA-8B13-C99BF3E745B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {FACB164D-1347-45A0-A8D1-65407CDCF3E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {FDA7A9B1-F138-47DE-ABC1-4C2F03756CA2} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {FF359F9B-F57D-4A46-97E3-79B08B4BA48C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-02-20 08:01 - 2015-02-20 08:01 - 000022528 _____ () C:\windows\System32\us001lm.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-11-28 05:21 - 2012-04-25 03:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-11-28 05:25 - 2014-11-28 05:25 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-02-26 07:14 - 2014-02-26 07:14 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 07:11 - 2014-02-26 07:11 - 000086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 07:17 - 2014-02-26 07:17 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-11-28 04:46 - 2010-10-26 21:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 21:50 - 2014-11-28 05:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-04-18 04:45 - 2017-04-18 04:45 - 001227264 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 067109376 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2003-10-06 01:10 - 2003-10-06 01:10 - 008470528 _____ () C:\Program Files (x86)\OpenOffice.org1.1.0\program\icudt22l.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-08 22:13 - 2018-12-13 06:12 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-12-16 20:37 - 2018-12-13 06:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:14 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 011727696 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-08 22:13 - 2018-12-13 06:16 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-16 20:37 - 2018-12-13 06:15 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2017-04-18 04:45 - 2017-04-18 04:45 - 000808960 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 002246144 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 000079360 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attributes [264]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\ESR ve článcích.xlsx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\graphical abstract.pptx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\Progress report 2015.pdf:com.dropbox.attributes [242]
AlternateDataStreams: C:\Users\Pája\Documents\ESR ve článcích..xlsx:com.dropbox.attributes [256]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 09:37 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB2202A0-6F50-4FC0-B92C-91CA74B40973}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{D5462924-8768-4332-B568-2CE9030B2AEA}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{ED6E2FA2-B544-4982-8537-F6B54EFABBEF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{F2C5BF95-5DF0-411B-8A76-4EF489660ACE}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{17652394-3A18-45D8-80ED-585E8A8FA7DB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{04D06923-D298-47E6-A51D-1DE4DF899D3A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp.)
FirewallRules: [{4FF65943-C0BB-486D-8DF4-BFA4956B392B}] => (Allow) LPort=55100
FirewallRules: [{D976B529-AD82-4730-99A0-C81689C38C30}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo)
FirewallRules: [{D1ED99F8-5891-4A6A-8D40-09DCFFF05A80}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{595D84B2-DD66-476C-9C60-386EE13E6FA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{8A212669-46F5-4530-92AF-0E2E1B9723EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{972AF5F4-B40C-4CAB-9B05-8EBB5E82A691}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{E04CBB3C-59F3-48BA-AECC-65016FA3C3CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{5E56B3A0-5069-472B-B786-CE70962B0019}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{397A5955-EEEF-40EF-830A-774D4475C0F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{0300FF29-0992-4BA8-BD90-FE63B1A5ABF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{FDFF3C38-C82D-4142-A65A-2098AD33CE45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{49C87F97-F265-4C17-BCE4-F9C4E6F92AE7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{2F4CE46F-FF8E-4979-8E05-914B581565AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{D54650BB-9DEB-4C64-A189-126E498F01F4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{6D2F26F6-D0D7-4D88-8E96-54764E108D82}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{19C80DB7-A9D9-4490-A7D2-1BF0C4053322}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{E48B64DD-E2FF-4837-B28F-63FD7FDE9F54}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{D9CC2362-9666-4744-BC82-234F40A034BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{C0D9A4C7-8BD4-44B9-83F0-96088624219E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A9BC7018-9E67-4E0B-8F27-B4CE77C39685}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{48EEEBC1-9282-4D1F-BDA8-9233B277F895}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{74F35348-75C2-4178-A4D1-F16F3E22ED2D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

22-12-2018 10:16:38 Windows Update
04-01-2019 14:41:24 Windows Update
06-01-2019 12:23:21 Removed McAfee Safe Connect
09-01-2019 19:00:21 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2019 01:23:22 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).

Error: (01/06/2019 12:28:58 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (4100) WebCacheLocal: An attempt to open the file "C:\Users\Pája\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avastm) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avast) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (01/09/2019 07:35:16 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\windows\AppCompat\Programs\Amcache.hve

Error: (01/09/2019 07:11:44 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows8_OS.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000005642d. The name of the file is "<unable to determine file name>".

Error: (01/09/2019 07:00:47 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/09/2019 07:00:16 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/07/2019 06:53:50 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/07/2019 06:30:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VeriFaceSrv service terminated unexpectedly. It has done this 1 time(s).

Error: (01/07/2019 06:30:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/07/2019 06:30:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Conexant SmartAudio service service terminated unexpectedly. It has done this 1 time(s).


Windows Defender:
===================================
Date: 2018-09-15 21:08:02.838
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {60B3DF77-3A9C-4FBC-9C50-D8F4830DF7BF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 21:00:38.542
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {760F0CCF-9CA1-4D02-8E0A-D7D1C9416A75}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:58:37.059
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8EE771B3-2648-4AB3-B868-46A5422D97A1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 09:46:10.566
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8B045A70-DE0F-44F7-91D0-FE091FE38EF8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 04:20:51.586
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {44849852-4FD2-4AE8-9D2F-D344165FF8F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:37:05.842
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2018-09-15 19:37:04.235
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Date: 2018-09-15 19:35:20.184
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.

CodeIntegrity:
===================================

Date: 2018-09-06 04:20:54.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 14:19:36.171
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 09:33:11.644
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 30%
Total physical RAM: 7128.26 MB
Available physical RAM: 4921.6 MB
Total Virtual: 14296.26 MB
Available Virtual: 11857.01 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.06 GB) (Free:679.2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.96 GB) NTFS
Drive e: (Pavla_DVD1) (CDROM) (Total:3.82 GB) (Free:0 GB) UDF

\\?\Volume{8d6ddfd7-1708-4de8-b05e-d3e821b2e0ba}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{6a012311-1a48-46c0-82c3-7b5a3e420d30}\ (PBR_DRV) (Fixed) (Total:14.12 GB) (Free:4.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A9F4670)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#9 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    File: C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
    File: C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
    File: C:\windows\system32\pla.dll
    Folder: C:\Users\Pája\AppData\Local\SweetLabs App Platform
    Folder: C:\windows\Minidump
    Zip: C:\windows\Minidump
    
    HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\MountPoints2: {862d4998-d387-11e4-8264-acb57daeec0e} - "F:\LaunchU3.exe" -a
    HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
    HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> DefaultScope {A7367628-0795-4135-885F-D89E7826F88E} URL = 
    SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> {A7367628-0795-4135-885F-D89E7826F88E} URL = 
    Toolbar: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn => not found
    CHR NewTab: Default ->  Not-active:"chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"
    CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
    CHR DefaultSearchKeyword: Default -> NortonSafe
    CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
    S3 dbx; system32\DRIVERS\dbx.sys [X]
    S1 deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys [X]
    S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS [X]
    S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS [X]
    2019-01-09 19:35 - 2019-01-09 19:35 - 000000000 ____D C:\Users\Pája\Desktop\FRST-OlderVersion
    2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\rsit
    2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\Program Files\trend micro
    2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ C:\Users\Pája\Desktop\RSITx64.exe
    2019-01-06 12:25 - 2018-10-23 18:00 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
    AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attributes [256]
    AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attrs [58]
    AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attributes [256]
    AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attrs [58]
    AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attributes [264]
    AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attrs [58]
    AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attributes [168]
    AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attrs [58]
    AlternateDataStreams: C:\Users\Pája\Desktop\ESR ve článcích.xlsx:com.dropbox.attributes [256]
    AlternateDataStreams: C:\Users\Pája\Desktop\graphical abstract.pptx:com.dropbox.attributes [168]
    AlternateDataStreams: C:\Users\Pája\Desktop\Progress report 2015.pdf:com.dropbox.attributes [242]
    AlternateDataStreams: C:\Users\Pája\Documents\ESR ve článcích..xlsx:com.dropbox.attributes [256]
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
    C:\Users\Pája\AppData\Local\SweetLabs App Platform
    
    Hosts:
    EmptyTemp:
    End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: Na ploche by sa mal vytvorit ZIP archiv s aktualnym datumom a casom v nazve, nahraj ho napr. na leteckaposta.cz a posli odkaz na stiahnutie.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o preventivní kontrolu

#10 Příspěvek od curt-xx »

Dobrý den, zeptám se možná úplně hloupě, ale tenhle úkon ty věci promaže? Jde mi o to, že v tom seznamu vidím např. DEPH, což jsou pracovní věci či články sdílené na dropboxu. Omlouvám se, ale raději se ptám, když jsem si toho všiml. děkuji

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#11 Příspěvek od Conder »

Vseobecne sa da povedat, ze "veci" vo fixliste sa zmazu (subory, adresare, hodnoty, kluce v registroch...), pripadne obnovia na predvolene hodnoty (registre), avsak treba brat do uvahy cely riadok, hlavne jeho zaciatok. Pri tych "DEHP veciach" a dalsich riadkoch zacinajucich s "AlternateDataStreams:" sa dane subory nezmazu, zmaze sa iba tzv. Alternative Data Stream (ADS) daneho suboru. ADS vacsinou preventivne premazavame vsetky. V tomto pripade sa podla nazvu jedna zrejme o nejake metadata Dropboxu, teda nic neskodne, tak kludne mozes pre "pokoj v dusi" tie riadky zacinajuce s "AlternateDataStreams:" odstranit.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět