Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Prosím o kontrolu logu

#1 Příspěvek od curt-xx »

Dobry den,

prosim o kontrolu logu. Rodice maji silene zpomaleny notebook. predem moc dekuji


Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří at 2018-12-25 16:31:06
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 257 GB (59%) free of 435 GB
Total RAM: 3978 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:13, on 25. 12. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [WinZip UN] C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe
O4 - HKLM\..\Run: [WinZip PreLoader] C:\Program Files (x86)\WinZip\WzPreloader.exe
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
O4 - HKCU\..\Run: [BingSvc] C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: McAfee Vpn Service - Unknown owner - C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WinZip Smart Monitor Service - Unknown owner - C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10356 bytes

======Listing Processes======





wininit.exe

winlogon.exe


C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5dd221c4-f014-475e-9911-a7b32eb26fcd -SystemEventPortName:HostProcess-9bf33853-7547-4c58-b4a2-3cc1687bb03c -IoCancelEventPortName:HostProcess-de429c61-6ef4-4669-9cd8-1ef4d11779b7 -NonStateChangingEventPortName:HostProcess-589cb1fc-5c41-4529-af35-7d1c1a48185f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ae2162ef-01df-4919-aa33-f0a9bd955ffa -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-affa048b-8290-41a2-88ea-46e82a77f388 -SystemEventPortName:HostProcess-a684c80a-1d1e-42d7-a9ec-1fe8f1966c6b -IoCancelEventPortName:HostProcess-4ca590d2-613b-4dfa-91cb-67b029d58c2a -NonStateChangingEventPortName:HostProcess-e9c930ff-1199-48c8-acab-25ff070cceee -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:94020f47-3ff8-4aa0-b006-285ac6b343f7 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe
"C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe" -run
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe"
"C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
AvastUI.exe /nogui
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
adb fork-server server
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\Jiří\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
C:\WINDOWS\system32\CompatTelRunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:33LSeYyCSkCVGmPm.1
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.0.1916526016\1636330862" -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\Jiří\AppData\LocalLow\Mozilla\Temp-{165450ad-8631-4fb6-8313-005aa10e68fa}" 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 1276 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.3.1174261143\1534450545" -childID 1 -isForBrowser -prefsHandle 1836 -prefMapHandle 1924 -prefsLen 1 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 1800 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.13.94107912\1777983848" -childID 2 -isForBrowser -prefsHandle 2856 -prefMapHandle 2860 -prefsLen 79 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 2792 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.20.1463642786\118788423" -childID 3 -isForBrowser -prefsHandle 3160 -prefMapHandle 3164 -prefsLen 173 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 3168 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.27.1711889532\2018653066" -childID 4 -isForBrowser -prefsHandle 7912 -prefMapHandle 7676 -prefsLen 5854 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 7680 tab

C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.48.537618124\2033570955" -childID 7 -isForBrowser -prefsHandle 7012 -prefMapHandle 7564 -prefsLen 6366 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 7212 tab
wmiadap.exe /R /T
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe183_ Global\UsGthrCtrlFltPipeMssGthrPipe183 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Jiří\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default

prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.101 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.101 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-19 2892616]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-01-21 6340312]
"PasswordManager"=C:\Program Files\Lenovo\Password Manager\password_manager.exe [2014-01-09 1622072]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-01-07 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2015-01-07 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2015-01-07 10973168]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-11-22 242392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"McAfeeSafeConnect"=C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [2017-10-10 1034160]
"BingSvc"=C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2017-12-26 144008]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-11-09 49805160]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"WinZip UN"=C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [2017-04-19 1580032]
"WinZip PreLoader"=C:\Program Files (x86)\WinZip\WzPreloader.exe [2017-04-19 124360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-12-25 16:22:51 ----D---- C:\Program Files\trend micro
2018-12-25 16:22:50 ----D---- C:\rsit
2018-12-24 22:24:00 ----D---- C:\Users\Jiří\AppData\Roaming\WebApp
2018-12-24 17:27:13 ----D---- C:\Users\Jiří\AppData\Roaming\CyberLink
2018-12-20 07:54:50 ----A---- C:\WINDOWS\system32\jscript.dll
2018-12-20 07:54:49 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-12-12 06:16:11 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-12-12 06:16:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-12-12 06:16:00 ----A---- C:\WINDOWS\system32\wmp.dll
2018-12-12 06:15:56 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-12-12 06:15:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-12-12 06:15:50 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-12-12 06:15:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-12-12 06:15:44 ----A---- C:\WINDOWS\system32\win32k.sys
2018-12-12 06:15:43 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-12-12 06:15:42 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-12-12 06:15:41 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 06:15:41 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-12-12 06:15:39 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-12-12 06:15:38 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-12 06:15:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2018-12-12 06:15:35 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 06:15:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-12-12 06:15:33 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-12-12 06:15:32 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-12-12 06:15:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-12-12 06:15:31 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-12-12 06:15:29 ----A---- C:\WINDOWS\system32\gdi32.dll
2018-12-12 06:15:28 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-12-12 06:15:16 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-12-12 06:15:14 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-12-12 06:15:13 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-12-12 06:15:09 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2018-12-12 06:15:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-12-12 06:14:51 ----A---- C:\WINDOWS\system32\wininet.dll
2018-12-12 06:14:49 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-12-12 06:14:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-12-12 06:14:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-12-12 06:14:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-12-12 06:14:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-12-12 06:14:47 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-12-12 06:14:47 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-12-12 06:14:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-12-12 06:14:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-12-12 06:14:46 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-12 06:14:45 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll

======List of files/folders modified in the last 1 month======

2018-12-25 16:30:25 ----D---- C:\WINDOWS\Temp
2018-12-25 16:28:21 ----AD---- C:\Windows
2018-12-25 16:28:10 ----D---- C:\WINDOWS\Inf
2018-12-25 16:23:03 ----D---- C:\WINDOWS\Prefetch
2018-12-25 16:22:51 ----D---- C:\Program Files
2018-12-25 16:17:46 ----SHD---- C:\WINDOWS\Installer
2018-12-25 16:07:28 ----D---- C:\WINDOWS\system32\sru
2018-12-24 17:27:25 ----D---- C:\ProgramData\CyberLink
2018-12-24 17:27:19 ----D---- C:\Users\Jiří\AppData\Roaming\Lenovo
2018-12-24 17:27:14 ----D---- C:\ProgramData\Lenovo
2018-12-24 12:43:51 ----D---- C:\WINDOWS\Microsoft.NET
2018-12-22 22:46:47 ----D---- C:\WINDOWS\SoftwareDistribution
2018-12-22 17:22:37 ----D---- C:\Users\Jiří\AppData\Roaming\TeamViewer
2018-12-22 17:18:47 ----D---- C:\WINDOWS\debug
2018-12-22 17:17:11 ----D---- C:\WINDOWS\system32\Tasks
2018-12-22 17:17:07 ----D---- C:\Program Files\CCleaner
2018-12-22 17:12:20 ----HD---- C:\ProgramData
2018-12-22 17:11:58 ----D---- C:\WINDOWS\Tasks
2018-12-22 14:10:32 ----D---- C:\Program Files\Mozilla Firefox
2018-12-22 14:10:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-22 13:33:57 ----D---- C:\WINDOWS\system32\config
2018-12-21 14:51:34 ----SHD---- C:\System Volume Information
2018-12-21 14:44:31 ----D---- C:\WINDOWS\WinSxS
2018-12-21 14:29:38 ----D---- C:\WINDOWS\system32\catroot2
2018-12-20 12:50:24 ----SHD---- C:\Config.Msi
2018-12-20 12:45:25 ----RD---- C:\Program Files (x86)
2018-12-20 08:25:18 ----D---- C:\WINDOWS\CbsTemp
2018-12-20 08:24:23 ----RAD---- C:\WINDOWS\System32
2018-12-20 08:24:23 ----D---- C:\WINDOWS\SysWOW64
2018-12-16 08:36:48 ----D---- C:\WINDOWS\rescache
2018-12-15 20:17:39 ----D---- C:\ProgramData\LU
2018-12-15 20:07:23 ----D---- C:\WINDOWS\system32\DriverStore
2018-12-15 20:07:16 ----D---- C:\Program Files (x86)\TeamViewer
2018-12-15 20:07:01 ----D---- C:\ProgramData\Validity
2018-12-15 20:06:38 ----D---- C:\WINDOWS\system32\drivers
2018-12-15 20:00:00 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-12-15 20:00:00 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-12-15 19:59:59 ----D---- C:\WINDOWS\system32\en-US
2018-12-15 19:59:59 ----D---- C:\WINDOWS\system32\cs-CZ
2018-12-12 19:24:14 ----D---- C:\WINDOWS\system32\MRT
2018-12-12 06:27:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-12-06 05:48:34 ----D---- C:\WINDOWS\system32\Macromed
2018-12-06 05:48:27 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-12-01 00:43:41 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-11-22 201768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-11-22 346592]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-11-22 59496]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-11-22 87432]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-11-22 380464]
R0 LubSec;LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-11-22 201240]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-11-22 230344]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-11-26 239840]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2018-11-22 42288]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-11-22 111800]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-11-22 1028680]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-11-22 469272]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2014-01-22 19760]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-11-22 163208]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-11-22 208472]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-01-07 35576]
R3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-12-12 3881472]
R3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-09 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2014-02-18 377608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-09-09 3797416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-05-26 3975128]
R3 IntcDAud;@oem44.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 tap0901;@oem45.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2017-10-10 27136]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2013-07-02 87568]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2016-09-09 85656]
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-11-22 46384]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-11-22 324000]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-09-09 330144]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2015-01-07 198192]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2018-02-09 1880864]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-01-07 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-04-03 11293936]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2014-07-24 49040]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\WINDOWS\system32\valWbioSyncSvc.exe [2014-07-24 32256]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-11-22 8188768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22 164984]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10 153168]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06 335872]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22 164984]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-09-09 291736]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10 153168]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 McAfee Vpn Service;McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [2017-10-10 320944]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-01-19 272136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-12-22 227792]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-01-07 305136]

-----------------EOF-----------------
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#2 Příspěvek od curt-xx »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jiří at 2018-12-25 16:31:06
Microsoft Windows 8.1 s aplikací Bing
System drive C: has 257 GB (59%) free of 435 GB
Total RAM: 3978 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:31:13, on 25. 12. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files\trend micro\Jiří.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [WinZip UN] C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe
O4 - HKLM\..\Run: [WinZip PreLoader] C:\Program Files (x86)\WinZip\WzPreloader.exe
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
O4 - HKCU\..\Run: [BingSvc] C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: McAfee Vpn Service - Unknown owner - C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: BiometricSensorDataSynchronization (valWbioSyncSvc) - Unknown owner - C:\WINDOWS\system32\valWbioSyncSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WinZip Smart Monitor Service - Unknown owner - C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 10356 bytes

======Listing Processes======





wininit.exe

winlogon.exe


C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5dd221c4-f014-475e-9911-a7b32eb26fcd -SystemEventPortName:HostProcess-9bf33853-7547-4c58-b4a2-3cc1687bb03c -IoCancelEventPortName:HostProcess-de429c61-6ef4-4669-9cd8-1ef4d11779b7 -NonStateChangingEventPortName:HostProcess-589cb1fc-5c41-4529-af35-7d1c1a48185f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:ae2162ef-01df-4919-aa33-f0a9bd955ffa -DeviceGroupId:
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-affa048b-8290-41a2-88ea-46e82a77f388 -SystemEventPortName:HostProcess-a684c80a-1d1e-42d7-a9ec-1fe8f1966c6b -IoCancelEventPortName:HostProcess-4ca590d2-613b-4dfa-91cb-67b029d58c2a -NonStateChangingEventPortName:HostProcess-e9c930ff-1199-48c8-acab-25ff070cceee -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:94020f47-3ff8-4aa0-b006-285ac6b343f7 -DeviceGroupId:WudfDefaultDevicePool
C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe
"C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostex.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe" -run
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe"
"C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe"
"C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe"
"C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
AvastUI.exe /nogui
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
adb fork-server server
C:\WINDOWS\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
"C:\Users\Jiří\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON
"C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
C:\WINDOWS\system32\CompatTelRunner.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\CompatTelRunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun -cv:33LSeYyCSkCVGmPm.1
"C:\Program Files\Mozilla Firefox\firefox.exe"
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.0.1916526016\1636330862" -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - "C:\Users\Jiří\AppData\LocalLow\Mozilla\Temp-{165450ad-8631-4fb6-8313-005aa10e68fa}" 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 1276 gpu
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.3.1174261143\1534450545" -childID 1 -isForBrowser -prefsHandle 1836 -prefMapHandle 1924 -prefsLen 1 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 1800 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.13.94107912\1777983848" -childID 2 -isForBrowser -prefsHandle 2856 -prefMapHandle 2860 -prefsLen 79 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 2792 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.20.1463642786\118788423" -childID 3 -isForBrowser -prefsHandle 3160 -prefMapHandle 3164 -prefsLen 173 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 3168 tab
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.27.1711889532\2018653066" -childID 4 -isForBrowser -prefsHandle 7912 -prefMapHandle 7676 -prefsLen 5854 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 7680 tab

C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="4128.48.537618124\2033570955" -childID 7 -isForBrowser -prefsHandle 7012 -prefMapHandle 7564 -prefsLen 6366 -prefMapSize 185843 -schedulerPrefs 0001,2 -parentBuildID 20181206201918 -greomni "C:\Program Files\Mozilla Firefox\omni.ja" -appomni "C:\Program Files\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files\Mozilla Firefox\browser" - 4128 "\\.\pipe\gecko-crash-server-pipe.4128" 7212 tab
wmiadap.exe /R /T
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup

"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe183_ Global\UsGthrCtrlFltPipeMssGthrPipe183 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 564 568 576 65536 572
"C:\Users\Jiří\Desktop\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default

prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.101 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.101 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-19 2892616]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2014-01-21 6340312]
"PasswordManager"=C:\Program Files\Lenovo\Password Manager\password_manager.exe [2014-01-09 1622072]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2015-01-07 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2015-01-07 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2015-01-07 10973168]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-11-22 242392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"McAfeeSafeConnect"=C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [2017-10-10 1034160]
"BingSvc"=C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2017-12-26 144008]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-11-09 49805160]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-12-10 19589208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"=C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [2014-09-09 110344]
"CLVirtualDrive"=C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [2014-09-09 492808]
"WinZip UN"=C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [2017-04-19 1580032]
"WinZip PreLoader"=C:\Program Files (x86)\WinZip\WzPreloader.exe [2017-04-19 124360]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2013-12-24 133760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"mixer4"=wdmaud.drv
"midi4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-12-25 16:22:51 ----D---- C:\Program Files\trend micro
2018-12-25 16:22:50 ----D---- C:\rsit
2018-12-24 22:24:00 ----D---- C:\Users\Jiří\AppData\Roaming\WebApp
2018-12-24 17:27:13 ----D---- C:\Users\Jiří\AppData\Roaming\CyberLink
2018-12-20 07:54:50 ----A---- C:\WINDOWS\system32\jscript.dll
2018-12-20 07:54:49 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-12-12 06:16:11 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-12-12 06:16:06 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-12-12 06:16:00 ----A---- C:\WINDOWS\system32\wmp.dll
2018-12-12 06:15:56 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2018-12-12 06:15:53 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-12-12 06:15:50 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-12-12 06:15:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-12-12 06:15:44 ----A---- C:\WINDOWS\system32\win32k.sys
2018-12-12 06:15:43 ----A---- C:\WINDOWS\system32\msxml6.dll
2018-12-12 06:15:42 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2018-12-12 06:15:41 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 06:15:41 ----A---- C:\WINDOWS\system32\msxml3.dll
2018-12-12 06:15:39 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2018-12-12 06:15:38 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-12 06:15:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2018-12-12 06:15:35 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 06:15:33 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-12-12 06:15:33 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2018-12-12 06:15:32 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-12-12 06:15:32 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-12-12 06:15:31 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-12-12 06:15:29 ----A---- C:\WINDOWS\system32\gdi32.dll
2018-12-12 06:15:28 ----A---- C:\WINDOWS\system32\drivers\tm.sys
2018-12-12 06:15:16 ----A---- C:\WINDOWS\system32\t2embed.dll
2018-12-12 06:15:14 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2018-12-12 06:15:13 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-12-12 06:15:09 ----A---- C:\WINDOWS\SYSWOW64\gdi32.dll
2018-12-12 06:15:03 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-12-12 06:14:51 ----A---- C:\WINDOWS\system32\wininet.dll
2018-12-12 06:14:49 ----A---- C:\WINDOWS\system32\urlmon.dll
2018-12-12 06:14:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
2018-12-12 06:14:48 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-12-12 06:14:48 ----A---- C:\WINDOWS\system32\msfeeds.dll
2018-12-12 06:14:47 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2018-12-12 06:14:47 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2018-12-12 06:14:47 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2018-12-12 06:14:46 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2018-12-12 06:14:46 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2018-12-12 06:14:46 ----A---- C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-12 06:14:45 ----A---- C:\WINDOWS\SYSWOW64\GlobCollationHost.dll

======List of files/folders modified in the last 1 month======

2018-12-25 16:30:25 ----D---- C:\WINDOWS\Temp
2018-12-25 16:28:21 ----AD---- C:\Windows
2018-12-25 16:28:10 ----D---- C:\WINDOWS\Inf
2018-12-25 16:23:03 ----D---- C:\WINDOWS\Prefetch
2018-12-25 16:22:51 ----D---- C:\Program Files
2018-12-25 16:17:46 ----SHD---- C:\WINDOWS\Installer
2018-12-25 16:07:28 ----D---- C:\WINDOWS\system32\sru
2018-12-24 17:27:25 ----D---- C:\ProgramData\CyberLink
2018-12-24 17:27:19 ----D---- C:\Users\Jiří\AppData\Roaming\Lenovo
2018-12-24 17:27:14 ----D---- C:\ProgramData\Lenovo
2018-12-24 12:43:51 ----D---- C:\WINDOWS\Microsoft.NET
2018-12-22 22:46:47 ----D---- C:\WINDOWS\SoftwareDistribution
2018-12-22 17:22:37 ----D---- C:\Users\Jiří\AppData\Roaming\TeamViewer
2018-12-22 17:18:47 ----D---- C:\WINDOWS\debug
2018-12-22 17:17:11 ----D---- C:\WINDOWS\system32\Tasks
2018-12-22 17:17:07 ----D---- C:\Program Files\CCleaner
2018-12-22 17:12:20 ----HD---- C:\ProgramData
2018-12-22 17:11:58 ----D---- C:\WINDOWS\Tasks
2018-12-22 14:10:32 ----D---- C:\Program Files\Mozilla Firefox
2018-12-22 14:10:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-22 13:33:57 ----D---- C:\WINDOWS\system32\config
2018-12-21 14:51:34 ----SHD---- C:\System Volume Information
2018-12-21 14:44:31 ----D---- C:\WINDOWS\WinSxS
2018-12-21 14:29:38 ----D---- C:\WINDOWS\system32\catroot2
2018-12-20 12:50:24 ----SHD---- C:\Config.Msi
2018-12-20 12:45:25 ----RD---- C:\Program Files (x86)
2018-12-20 08:25:18 ----D---- C:\WINDOWS\CbsTemp
2018-12-20 08:24:23 ----RAD---- C:\WINDOWS\System32
2018-12-20 08:24:23 ----D---- C:\WINDOWS\SysWOW64
2018-12-16 08:36:48 ----D---- C:\WINDOWS\rescache
2018-12-15 20:17:39 ----D---- C:\ProgramData\LU
2018-12-15 20:07:23 ----D---- C:\WINDOWS\system32\DriverStore
2018-12-15 20:07:16 ----D---- C:\Program Files (x86)\TeamViewer
2018-12-15 20:07:01 ----D---- C:\ProgramData\Validity
2018-12-15 20:06:38 ----D---- C:\WINDOWS\system32\drivers
2018-12-15 20:00:00 ----D---- C:\WINDOWS\SYSWOW64\en-US
2018-12-15 20:00:00 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2018-12-15 19:59:59 ----D---- C:\WINDOWS\system32\en-US
2018-12-15 19:59:59 ----D---- C:\WINDOWS\system32\cs-CZ
2018-12-12 19:24:14 ----D---- C:\WINDOWS\system32\MRT
2018-12-12 06:27:34 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-12-06 05:48:34 ----D---- C:\WINDOWS\system32\Macromed
2018-12-06 05:48:27 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2018-12-01 00:43:41 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-11-22 201768]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-11-22 346592]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-11-22 59496]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-11-22 87432]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-11-22 380464]
R0 LubSec;LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [2014-02-22 45304]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-11-22 201240]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-11-22 230344]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-11-26 239840]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2018-11-22 42288]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-11-22 111800]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-11-22 1028680]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-11-22 469272]
R1 CLVirtualDrive;CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [2013-11-12 91912]
R1 SMIDriver;SMIDriver; C:\WINDOWS\system32\drivers\smi.sys [2014-01-22 19760]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-11-22 163208]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-11-22 208472]
R3 ACPIVPC;@oem37.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\WINDOWS\System32\drivers\AcpiVpc.sys [2015-01-07 35576]
R3 AthBTPort;@oem32.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\WINDOWS\system32\DRIVERS\btath_flt.sys [2013-12-24 89800]
R3 athr;@oem13.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\system32\DRIVERS\athwbx.sys [2013-12-12 3881472]
R3 BTATH_A2DP;@oem31.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\WINDOWS\system32\drivers\btath_a2dp.sys [2013-12-24 338120]
R3 btath_avdt;@oem31.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\WINDOWS\system32\drivers\btath_avdt.sys [2013-12-24 116424]
R3 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-12-24 34384]
R3 BTATH_HCRP;@oem34.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\WINDOWS\System32\drivers\btath_hcrp.sys [2013-12-24 179432]
R3 BTATH_LWFLT;@oem36.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [2013-12-24 77464]
R3 BTATH_RCP;@oem38.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\WINDOWS\System32\drivers\btath_rcp.sys [2013-12-24 137928]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2013-12-24 597192]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2015-06-09 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-06-09 81920]
R3 ETD;@oem12.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2014-02-18 377608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-09-09 3797416]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-05-26 3975128]
R3 IntcDAud;@oem44.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem8.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-07-20 38976]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RSP2STOR;@oem10.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [2013-09-24 290520]
R3 RTL8168;@oem11.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem19.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
R3 tap0901;@oem45.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\WINDOWS\system32\DRIVERS\tap0901.sys [2017-10-10 27136]
R3 TXEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Trusted Execution Engine Interface ; C:\WINDOWS\System32\drivers\TXEIx64.sys [2013-07-02 87568]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2016-09-09 85656]
S2 LubFsFlt;LubFsFlt; \??\C:\windows\System32\Drivers\LubFsFlt.sys [2014-02-22 27384]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-11-22 46384]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-06-09 1201664]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem7.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-07-20 50240]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\WINDOWS\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2013-12-24 318592]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-11-22 324000]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-09-09 330144]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [2013-07-02 733696]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2015-01-07 198192]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2018-02-09 1880864]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2015-01-07 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-04-03 11293936]
R2 valWBFPolicyService;@oem33.inf,%WBFService_SvcDesc%;Validity WBF Policy Service; C:\WINDOWS\system32\valWBFPolicyService.exe [2014-07-24 49040]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization; C:\WINDOWS\system32\valWbioSyncSvc.exe [2014-07-24 32256]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-11-22 8188768]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22 164984]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10 153168]
S2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-04-21 37624]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06 335872]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22 164984]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-09-09 291736]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10 153168]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2013-07-02 822232]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-12-10 272864]
S3 McAfee Vpn Service;McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [2017-10-10 320944]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe [2017-01-19 272136]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-12-22 227792]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2015-01-07 305136]

-----------------EOF-----------------
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#3 Příspěvek od curt-xx »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Jiří (25-12-2018 16:41:35)
Running from C:\Users\Jiří\Desktop
Windows 8.1 Connected (Update) (X64) (2015-11-14 13:48:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-593153708-520586577-4045992680-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-593153708-520586577-4045992680-501 - Limited - Disabled)
Jiří (S-1-5-21-593153708-520586577-4045992680-1001 - Administrator - Enabled) => C:\Users\Jiří

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Emsa Save My Work 1.0 (HKLM-x32\...\Emsa Save My Work_is1) (Version: - Emsa Systems)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\SweetLabs_AP) (Version: 0.269.8.718 - Pokki) <==== ATTENTION
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 1.10.8.0 - Lenovo Group Limited)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.38.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo Security Suite (HKLM-x32\...\{184F6D30-2A4C-4BDD-85FF-BE4ABBB4232C}) (Version: 1.0.1.15 - Lenovo)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo)
Lenovo Solution Center (HKLM\...\{4386A5EF-BD23-49F4-9DAD-CD76B4F6A8BF}) (Version: 2.8.006.00 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo USB Blocker (HKLM-x32\...\{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo) Hidden
Lenovo USB Blocker (HKLM-x32\...\InstallShield_{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
McAfee Safe Connect (HKLM-x32\...\{F210DAEC-9E43-467E-87E8-B02DA469CFFC}) (Version: 1.4.1.150 - McAfee, Inc)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7254 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Start Menu (HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.718 - Pokki)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Teta CEWE fotosvet (HKLM-x32\...\Teta CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Validity WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.247.0 - )
Validity WBF DDK 5011 (HKLM\...\{B38B22CB-F5BA-4803-BE59-EDD70D71CB2F}) (Version: 4.5.247.0 - Validity Sensors, Inc.)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version: - Lenovo Group Limited)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 21.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410E}) (Version: 21.5.12480 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-593153708-520586577-4045992680-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-12-24] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-04-19] (WinZip Computing, S.L.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-12-24] (Qualcomm®Atheros®)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-04-19] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-04-19] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10D26D2C-D6D1-4F14-AEBD-65F4C9004DEE} - System32\Tasks\WinZip Update Notifier => C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {1B4CF191-3BA6-4C50-9DB9-937C3FE3345D} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {218F5EF6-573F-4F75-B89D-13AF17F2C76C} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.)
Task: {27BB4361-0098-4459-8130-61D88A0F7860} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {3E634115-1515-44E3-A435-2736EED918D9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {51B496FA-3CFA-41B8-80A1-9A9C47EC9016} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {605919CB-8B8D-406D-BEB8-62E01DA6B546} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-17] (AVAST Software)
Task: {641F770A-5565-4EC7-A00D-C89D451A6493} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {6AE578A6-140F-4ED3-94DB-692B16DAA1A6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {73FBABFA-94CB-4E51-814A-46D3C5A3D914} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {7A40E807-C607-4C49-8717-B3CF76428B27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)
Task: {7B0A463A-570D-4E5B-8E1D-2D3FF2F798F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {91659A77-C9C5-47A1-93CB-5B4FC94D8108} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {952D62D9-96F2-4321-BE7B-3F5FB3988A0E} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {96142655-E999-401B-AFCD-42E8155C0BD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)
Task: {A867935B-A867-4F14-B488-35C81AFB0A6B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22] (AVAST Software)
Task: {B3508D38-29EB-4E6E-B70A-80A48BE38048} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22] (AVAST Software)
Task: {BBAE3A9C-569B-4BBC-8F24-9F63DFA4FBDC} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {BF421C2C-51A2-4994-BD79-9A7AA2FB8A3E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {D377B61A-2E10-4401-8529-E9FBD921B65A} - System32\Tasks\SweetLabs App Platform => C:\Users\Jiří\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2018-12-20] (Pokki)
Task: {E6C62AF1-6C2B-46B2-8F0C-BC126A6C6BA5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {EA5DE703-5252-4A00-947A-04DD6DE3F696} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {EB07F1A2-11D3-4FF6-9853-3A214B315B85} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {FDBC3147-5A44-4648-BF82-F5C2EC7CE58A} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119426
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#4 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
K logu RSIT Addition není třeba. Buď dejte log RSIT, nebo FRST+Addition (druhá možnost je přesnější).
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#5 Příspěvek od curt-xx »

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2018-12-21.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-25-2018
# Duration: 00:00:25
# OS: Windows 8.1 Connected
# Scanned: 32227
# Detected: 40


***** [ Services ] *****

PUP.Optional.WinZipRegistryOptimizer WinZip Smart Monitor Service

***** [ Folders ] *****

Adware.pokki C:\ProgramData\Pokki
Adware.pokki C:\Users\Public\Pokki
PUP.Optional.Legacy C:\Program Files\WinZip Smart Monitor
PUP.Optional.Legacy C:\ProgramData\WinZip\WinZip Smart Monitor
PUP.Optional.Legacy C:\Users\Jiří\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

PUP.Optional.PCAppStore C:\Users\Jiří\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\PC App Store.lnk
PUP.Optional.PCAppStore C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

PUP.Optional.Legacy C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Adware.pokki HKCU\Software\SweetLabs App Platform
Adware.pokki HKCU\Software\Classes\lnkfile\shell\pokki
Adware.pokki HKCU\Software\Classes\Drive\shell\pokki
Adware.pokki HKCU\Software\Classes\Directory\shell\pokki
Adware.pokki HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
PUP.Adware.Heuristic HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
PUP.Adware.Heuristic HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|Amazon1ButtonTaskbarApp.exe
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components\{981b174d-7733-4e7f-b89d-6545a7c21838}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D377B61A-2E10-4401-8529-E9FBD921B65A}
PUP.Optional.Legacy HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119426
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#6 Příspěvek od Rudy »

V ADW ještě klikněte na mazání, restartujte a pak dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#7 Příspěvek od curt-xx »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Jiří (26-12-2018 08:46:23)
Running from C:\Users\Jiří\Desktop
Windows 8.1 Connected (Update) (X64) (2015-11-14 13:48:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-593153708-520586577-4045992680-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-593153708-520586577-4045992680-501 - Limited - Disabled)
Jiří (S-1-5-21-593153708-520586577-4045992680-1001 - Administrator - Enabled) => C:\Users\Jiří

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.3.0.1 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Emsa Save My Work 1.0 (HKLM-x32\...\Emsa Save My Work_is1) (Version: - Emsa Systems)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.16 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo Password Manager (HKLM-x32\...\{70EE2BAA-F82A-4B8A-950E-649EFD64D5B9}) (Version: 1.10.8.0 - Lenovo Group Limited)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.38.2 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo Security Suite (HKLM-x32\...\{184F6D30-2A4C-4BDD-85FF-BE4ABBB4232C}) (Version: 1.0.1.15 - Lenovo)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.42 - Lenovo)
Lenovo Solution Center (HKLM\...\{4386A5EF-BD23-49F4-9DAD-CD76B4F6A8BF}) (Version: 2.8.006.00 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo USB Blocker (HKLM-x32\...\{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo) Hidden
Lenovo USB Blocker (HKLM-x32\...\InstallShield_{18706F18-ACE4-4510-A59C-104693E7978B}) (Version: 1.0.0.37 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
McAfee Safe Connect (HKLM-x32\...\{F210DAEC-9E43-467E-87E8-B02DA469CFFC}) (Version: 1.4.1.150 - McAfee, Inc)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.29071 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7254 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
Teta CEWE fotosvet (HKLM-x32\...\Teta CEWE fotosvet) (Version: 6.1.5 - CEWE Stiftung u Co. KGaA)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Validity WBF DDK 5011 (HKLM\...\{4D70781C-36A9-4335-9568-565C6F61B5EB}) (Version: 4.5.247.0 - )
Validity WBF DDK 5011 (HKLM\...\{B38B22CB-F5BA-4803-BE59-EDD70D71CB2F}) (Version: 4.5.247.0 - Validity Sensors, Inc.)
version 5.13.415.31/1.0.0.27/3.4.5.11(H1C307WW) (HKLM-x32\...\{4AD4461B-8BD4-4354-805C-E97E7A404906}_is1) (Version: - Lenovo Group Limited)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinZip 21.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410E}) (Version: 21.5.12480 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-593153708-520586577-4045992680-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => -> No File
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2013-12-24] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-04-19] (WinZip Computing, S.L.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2013-12-24] (Qualcomm®Atheros®)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-04-19] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-09-09] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-11-22] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-04-19] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10D26D2C-D6D1-4F14-AEBD-65F4C9004DEE} - System32\Tasks\WinZip Update Notifier => C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [2017-04-19] (WinZip)
Task: {1B4CF191-3BA6-4C50-9DB9-937C3FE3345D} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {218F5EF6-573F-4F75-B89D-13AF17F2C76C} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2014-09-11] (Maxthon International ltd.)
Task: {27BB4361-0098-4459-8130-61D88A0F7860} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {3E634115-1515-44E3-A435-2736EED918D9} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-12-10] (Lenovo)
Task: {51B496FA-3CFA-41B8-80A1-9A9C47EC9016} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-12-10] (Piriform Ltd)
Task: {605919CB-8B8D-406D-BEB8-62E01DA6B546} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-17] (AVAST Software)
Task: {641F770A-5565-4EC7-A00D-C89D451A6493} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {6AE578A6-140F-4ED3-94DB-692B16DAA1A6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-12-10] (Lenovo)
Task: {73FBABFA-94CB-4E51-814A-46D3C5A3D914} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {7A40E807-C607-4C49-8717-B3CF76428B27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)
Task: {7B0A463A-570D-4E5B-8E1D-2D3FF2F798F3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-12-10] (Piriform Software Ltd)
Task: {91659A77-C9C5-47A1-93CB-5B4FC94D8108} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-12-10] (Lenovo)
Task: {952D62D9-96F2-4321-BE7B-3F5FB3988A0E} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {96142655-E999-401B-AFCD-42E8155C0BD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)
Task: {A867935B-A867-4F14-B488-35C81AFB0A6B} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22] (AVAST Software)
Task: {B3508D38-29EB-4E6E-B70A-80A48BE38048} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-22] (AVAST Software)
Task: {BBAE3A9C-569B-4BBC-8F24-9F63DFA4FBDC} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {BF421C2C-51A2-4994-BD79-9A7AA2FB8A3E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {E6C62AF1-6C2B-46B2-8F0C-BC126A6C6BA5} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-22] (AVAST Software)
Task: {EA5DE703-5252-4A00-947A-04DD6DE3F696} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {EB07F1A2-11D3-4FF6-9853-3A214B315B85} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {FDBC3147-5A44-4648-BF82-F5C2EC7CE58A} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-01-07 02:37 - 2012-04-24 11:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-12-24 11:22 - 2013-12-24 11:22 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-12-24 11:20 - 2013-12-24 11:20 - 000086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-24 11:26 - 2013-12-24 11:26 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-01-07 01:46 - 2013-10-01 10:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2013-12-23 19:08 - 2015-01-07 02:47 - 000058352 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2018-03-12 21:51 - 2018-03-12 21:51 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-11-22 11:43 - 2018-11-22 11:43 - 000596696 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2015-01-07 02:25 - 2014-07-10 02:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-01-07 02:25 - 2014-07-10 02:19 - 000397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2015-12-14 15:28 - 2015-12-14 15:28 - 000078808 _____ () C:\Program Files\Lenovo\iMController\AutoUpdate.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\mojebanka.cz -> hxxps://etrading.mojebanka.cz
IE trusted site: HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\mojeplatba.cz -> hxxps://www.mojeplatba.cz

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-11-15 17:57 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-593153708-520586577-4045992680-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "WinZip PreLoader"
HKLM\...\StartupApproved\Run32: => "WinZip UN"
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{EA27B7B0-9805-4D53-863E-113E926C00CE}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F6381431-159D-4BB0-A9CF-679D3914263D}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EB7255E6-8B25-49BF-9061-28D1760F35E7}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{FC7A9E0F-58CB-43DF-A203-D28273DD7DB1}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{E8AC52CE-0A29-40F4-961E-649777407226}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{FD17F76B-FC79-4F35-B998-AF07CBAB741E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{AAFECFC7-4CE2-4E7C-A294-9F9B3557B4C8}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{A6C9DFA4-47E6-47A5-A0E8-AB2760C225DF}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{3D1070BE-8111-4974-94BA-4B7CD8DB5255}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{94BCB161-43BF-4C4C-86B8-DC671957C6D0}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{D31FEFFE-14A4-45D0-B1FB-B8E1DEEB5A40}] => (Allow) LPort=55100
FirewallRules: [{DF729E3B-F6D1-406C-BED0-B26A25BF768E}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{87F78A2B-52D4-4199-A93D-BA0A3678D562}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F0BADDE6-88F4-4ACB-A0A4-D308BAA33306}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6346D0DE-B68E-459F-84E1-3D44B8CF9530}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D954801B-0903-4E60-A0D2-CCE149646B88}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{068EE58A-1331-4B5B-92BE-8DF59E254139}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A0EEE9B3-B2E1-446A-9554-E01D56F85E3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BB513A1D-0864-4684-BA17-660BA9D81D4C}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{0FA3991D-2ED3-4059-AFF9-BDF3AD4EF10A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{BED29812-BBF4-4E49-A3D9-1D36D1031602}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{94619C78-7787-4E64-821B-FB770199D956}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{9892BD9B-29D2-497D-9D26-D7443D561022}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{877C699E-9B80-4E40-948C-0B9B6E0CF5FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8AE71B4E-CFB4-4386-85DD-0DCEB4076982}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{AE15E5B8-7B39-4435-B691-DAC94F83DEA6}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

06-12-2018 06:23:07 Windows Update
12-12-2018 06:15:05 Windows Update
19-12-2018 22:19:02 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/26/2018 08:30:20 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (12/26/2018 07:57:58 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (12/26/2018 07:34:37 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (12/25/2018 08:57:54 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (12/25/2018 08:40:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (12/25/2018 04:57:53 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.

Error: (12/25/2018 04:46:43 PM) (Source: BiometricSensorDataSynchronization) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/25/2018 04:17:46 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.


System errors:
=============
Error: (12/26/2018 08:40:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LubFsFlt neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/26/2018 08:40:12 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: LubFsFlt.sys

Error: (12/26/2018 08:38:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restart the service.

Error: (12/26/2018 08:38:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CCSDK byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/26/2018 08:38:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Lenovo PhoneCompanionPusher Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/26/2018 08:38:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Maxthon Core Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/26/2018 08:38:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BiometricSensorDataSynchronization byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/26/2018 08:38:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Capability Licensing Service Interface byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restart the service.


Windows Defender:
===================================
Date: 2017-05-28 17:29:04.824
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: The resource is too old to be compatible.
Verze podpisu: 1.177.229.0;1.177.229.0
Verze modulu: 1.1.10701.0

CodeIntegrity:
===================================

Date: 2018-04-29 11:05:01.227
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:04:53.607
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:04:45.111
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:04:38.064
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:03:31.654
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:03:25.027
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:03:12.723
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-29 11:03:05.320
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 41%
Total physical RAM: 3978.19 MB
Available physical RAM: 2317.14 MB
Total Virtual: 5258.19 MB
Available Virtual: 3548.55 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.64 GB) (Free:250.35 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.4 GB) NTFS

\\?\Volume{766cfcdf-95f3-4cfa-a004-aeb0c696d5ec}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{d86b2709-fac7-497e-b70e-1f75db93d9ce}\ (PBR_DRV) (Fixed) (Total:13.79 GB) (Free:3.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9DF986E9)

Partition: GPT.

==================== End of Addition.txt ============================
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#8 Příspěvek od curt-xx »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Jiří (administrator) on LENOVO-PC (26-12-2018 08:41:22)
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & Administrator)
Platform: Windows 8.1 Connected (Update) (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Windows\System32\valWbioSyncSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Malwarebytes) C:\Users\Jiří\Downloads\adwcleaner_7.2.6.0.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_metro.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(McAfee Inc.) C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
(© 2015 Microsoft Corporation) C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2892616 2014-02-19] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1622072 2014-01-09] (Lenovo Group Limited)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-01-07] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-01-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10973168 2015-01-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-22] (AVAST Software)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKLM-x32\...\Run: [WinZip UN] => C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe [1580032 2017-04-19] (WinZip)
HKLM-x32\...\Run: [WinZip PreLoader] => C:\Program Files (x86)\WinZip\WzPreloader.exe [124360 2017-04-19] (WinZip Computing, S.L.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®)
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe [1034160 2017-10-10] (McAfee Inc.)
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Run: [BingSvc] => C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
AppInit_DLLs: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~2.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE64.dll [119616 2014-09-26] (Amazon Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\AMAZON~3.DLL => C:\Program Files (x86)\Amazon\Amazon1ButtonApp\AmazonExtIE.dll [106304 2014-09-26] (Amazon Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{8AC801AC-E746-4C2F-9B82-BBFA7784AF1A}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{985249B1-53AA-4F20-8C4B-7FCB9DF90FD8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-593153708-520586577-4045992680-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> {AE94C91B-57B9-4494-B1AF-49A46188FDE9} URL =

FireFox:
========
FF DefaultProfile: j7k9fqo3.default
FF ProfilePath: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default [2018-12-26]
FF Extension: (Bing Search Engine) - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\Extensions\bingsearchweb_uniwin@microsoft.com.xpi [2018-07-18]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\Extensions\sp@avast.com.xpi [2018-12-19]
FF Extension: (Avast Online Security) - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\Extensions\wrc@avast.com.xpi [2018-11-22]
FF Extension: (Firefox Monitor) - C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\features\{184ae3bf-e918-4b99-a66e-9399f809899e}\fxmonitor@mozilla.org.xpi [2018-12-22]
FF SearchPlugin: C:\Users\Jiří\AppData\Roaming\Mozilla\Firefox\Profiles\j7k9fqo3.default\searchplugins\bing-.xml [2018-07-18]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-593153708-520586577-4045992680-1001: @kb-ext.cz/PKIComponent -> C:\Users\Jiří\AppData\Roaming\KB-ext\lib\x86\npPKIComponentNPAPI-kbext.dll [2013-09-26] (Komerční banka, a.s.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default [2018-12-25]
CHR Extension: (Prezentace) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-10]
CHR Extension: (Dokumenty) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-10]
CHR Extension: (Disk Google) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-10]
CHR Extension: (YouTube) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-24]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2018-08-18]
CHR Extension: (Tabulky) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-10]
CHR Extension: (Lenovo Password Manager) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\geempcnjhccnoepfmahaeemnnfnignab [2018-01-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-25]
CHR Extension: (Avast Online Security) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-11-25]
CHR Extension: (Skype) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-01-10]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-08]
CHR Extension: (Gmail) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-10]
CHR Extension: (Chrome Media Router) - C:\Users\Jiří\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-24]
CHR HKU\S-1-5-21-593153708-520586577-4045992680-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [geempcnjhccnoepfmahaeemnnfnignab] - C:\Program Files (x86)\Lenovo\Password Manager\chrome_npapi_extension.crx [2014-01-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-22] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-22] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-22] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-22] (AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330144 2015-09-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-07] (Lenovo(beijing) Limited)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272864 2015-12-10] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [37624 2014-04-21] (Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-09] (Maxthon)
S3 McAfee Vpn Service; C:\Program Files (x86)\McAfee Safe Connect\service\VpnService.exe [320944 2017-10-10] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-01-07] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2015-01-07] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [49040 2014-07-24] (Synaptics Incorporated)
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [32256 2014-07-24] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-12-24] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-11-22] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-11-22] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-11-22] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-11-22] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-11-22] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239840 2018-11-26] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-11-22] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-11-22] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-11-22] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-11-22] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-11-22] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-11-22] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-11-22] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-11-22] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-11-22] (AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S2 LubFsFlt; C:\windows\System32\Drivers\LubFsFlt.sys [27384 2014-02-22] (Lenovo(beijing) Limited)
R0 LubSec; C:\WINDOWS\System32\Drivers\LubSec.sys [45304 2014-02-22] (Lenovo(beijing) Limited)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85656 2016-09-09] (McAfee, Inc.)
S3 NETwNe64; C:\WINDOWS\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [290520 2013-09-24] (Realtek Semiconductor Corp.)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
R1 SMIDriver; C:\WINDOWS\System32\drivers\smi.sys [19760 2014-01-22] (Windows (R) Win 7 DDK provider)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-26 08:41 - 2018-12-26 08:44 - 000021093 _____ C:\Users\Jiří\Desktop\FRST.txt
2018-12-25 20:49 - 2018-12-26 08:32 - 000000000 ____D C:\AdwCleaner
2018-12-25 20:48 - 2018-12-25 20:48 - 007320272 _____ (Malwarebytes) C:\Users\Jiří\Downloads\adwcleaner_7.2.6.0.exe
2018-12-25 16:37 - 2018-12-25 16:38 - 000000000 ____D C:\Users\Jiří\Desktop\certifikát KB
2018-12-25 16:35 - 2018-12-25 16:35 - 000000000 ____D C:\FRST
2018-12-25 16:30 - 2018-08-27 08:52 - 001222144 _____ C:\Users\Jiří\Desktop\RSITx64.exe
2018-12-25 16:30 - 2018-08-27 08:51 - 002413056 _____ (Farbar) C:\Users\Jiří\Desktop\FRST64.exe
2018-12-25 16:22 - 2018-12-25 16:31 - 000000000 ____D C:\Program Files\trend micro
2018-12-25 16:22 - 2018-12-25 16:24 - 000000000 ____D C:\rsit
2018-12-25 16:20 - 2018-12-25 16:22 - 001222144 _____ C:\Users\Jiří\Downloads\RSITx64.exe
2018-12-24 22:24 - 2018-12-24 22:24 - 000000000 ____D C:\Users\Jiří\AppData\Roaming\WebApp
2018-12-24 17:27 - 2018-12-24 17:27 - 000000000 ____D C:\Users\Jiří\Documents\Lenovo
2018-12-24 17:27 - 2018-12-24 17:27 - 000000000 ____D C:\Users\Jiří\Documents\CyberLink
2018-12-24 17:27 - 2018-12-24 17:27 - 000000000 ____D C:\Users\Jiří\AppData\Roaming\CyberLink
2018-12-22 17:14 - 2018-12-22 17:15 - 019299120 _____ (Piriform Software Ltd) C:\Users\Jiří\Downloads\ccsetup551.exe
2018-12-20 07:54 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 07:54 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-13 16:11 - 2018-12-13 16:11 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-12-12 06:16 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 06:16 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 06:16 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 06:15 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2018-12-12 06:15 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 06:15 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 06:15 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 06:15 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-12 06:15 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 06:15 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-12 06:15 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 06:15 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-12-12 06:15 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-12 06:15 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 06:15 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 06:15 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 06:15 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 06:15 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-12-12 06:15 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 06:15 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 06:15 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 06:15 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 06:15 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 06:15 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 06:15 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-12 06:15 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-12 06:15 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-12 06:15 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-12-12 06:15 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-12-12 06:15 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\system32\locale.nls
2018-12-12 06:14 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-12-12 06:14 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-12-12 06:14 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-12-12 06:14 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 06:14 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-12-12 06:14 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-12 06:14 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 06:14 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-12-12 06:14 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-12 06:14 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-12-12 06:14 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-12 06:14 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-12-02 10:29 - 2018-12-02 10:30 - 000059248 _____ C:\Users\Jiří\Desktop\vcards_20181202_102452.vcf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-26 08:45 - 2015-11-14 14:58 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-593153708-520586577-4045992680-1001
2018-12-26 08:43 - 2018-08-18 19:30 - 000000000 ____D C:\Users\Jiří\AppData\Local\AVAST Software
2018-12-26 08:40 - 2016-01-30 19:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-12-26 08:40 - 2015-11-24 12:41 - 000000000 __SHD C:\Users\Jiří\IntelGraphicsProfiles
2018-12-26 08:40 - 2015-06-30 17:55 - 000000000 __RDO C:\Users\Jiří\OneDrive
2018-12-26 08:40 - 2015-01-07 01:56 - 000000000 ____D C:\ProgramData\Validity
2018-12-26 08:40 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-26 08:39 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-12-26 08:36 - 2017-10-29 14:40 - 000000000 ____D C:\Users\Jiří\AppData\LocalLow\Mozilla
2018-12-25 20:33 - 2015-01-07 02:18 - 000734494 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-25 20:33 - 2015-01-07 02:18 - 000148824 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-25 20:33 - 2014-03-18 10:53 - 001739092 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-25 20:33 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-12-25 17:28 - 2018-03-13 18:41 - 000004462 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-25 17:28 - 2018-01-10 17:29 - 000003386 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-25 17:28 - 2018-01-10 17:29 - 000003258 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-25 17:28 - 2017-12-26 12:05 - 000003870 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-25 17:28 - 2017-12-07 17:45 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-12-25 17:28 - 2017-11-24 17:32 - 000004408 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-12-25 17:28 - 2017-05-28 17:09 - 000003414 _____ C:\WINDOWS\System32\Tasks\WinZip Update Notifier
2018-12-25 17:28 - 2017-05-28 16:39 - 000002790 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-25 17:28 - 2015-01-07 02:47 - 000003498 _____ C:\WINDOWS\System32\Tasks\OFFICE2013ACT
2018-12-25 17:28 - 2015-01-07 02:40 - 000003056 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2018-12-25 17:28 - 2015-01-07 01:48 - 000003272 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2018-12-25 16:58 - 2015-11-14 14:54 - 000001279 _____ C:\Users\Jiří\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2018-12-25 16:58 - 2015-11-14 14:54 - 000000000 ____D C:\ProgramData\LU
2018-12-25 16:47 - 2017-10-29 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-25 16:47 - 2017-10-29 14:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-24 17:27 - 2015-11-14 20:55 - 000000000 ____D C:\Users\Jiří\AppData\Roaming\Lenovo
2018-12-24 17:27 - 2015-01-07 02:40 - 000000000 ____D C:\ProgramData\CyberLink
2018-12-24 17:27 - 2015-01-07 02:29 - 000000000 ____D C:\ProgramData\Lenovo
2018-12-22 17:22 - 2016-01-27 21:45 - 000000000 ____D C:\Users\Jiří\AppData\Roaming\TeamViewer
2018-12-22 17:18 - 2015-12-27 15:49 - 000000000 ____D C:\Users\Jiří\AppData\Local\CrashDumps
2018-12-22 17:17 - 2017-05-28 16:39 - 000000805 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-22 17:17 - 2017-05-28 16:39 - 000000000 ____D C:\Program Files\CCleaner
2018-12-22 14:10 - 2017-10-29 14:40 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-20 11:18 - 2015-06-30 17:51 - 000000000 ____D C:\Users\Jiří\Documents\Bluetooth Folder
2018-12-20 08:25 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-16 08:36 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2018-12-15 20:06 - 2013-08-22 15:44 - 000346680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-13 05:43 - 2018-01-10 17:38 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-13 05:43 - 2018-01-10 17:38 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-12 19:24 - 2015-11-24 10:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 06:27 - 2015-11-24 10:49 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-11 20:10 - 2017-05-28 16:35 - 000004168 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-12-06 05:48 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-06 05:48 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-01 00:43 - 2018-08-18 19:21 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-01 00:43 - 2018-08-18 19:21 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-26 20:08 - 2018-01-07 20:36 - 000239840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys

==================== Files in the root of some directories =======

2015-11-14 14:56 - 2015-11-24 10:27 - 000002442 _____ () C:\Users\Jiří\AppData\Roaming\AbsoluteReminder.xml

Some files in TEMP:
====================
2018-12-24 17:27 - 2018-12-24 17:27 - 000467968 _____ (Realtek Semiconductor Corp.) C:\Users\Jiří\AppData\Local\Temp\COMAP.EXE

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-19 06:08

==================== End of FRST.txt ============================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119426
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#9 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Run: [BingSvc] => C:\Users\Jiří\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (© 2015 Microsoft Corporation)
C:\Users\Jiří\AppData\Local\Microsoft\BingSvc
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> {AE94C91B-57B9-4494-B1AF-49A46188FDE9} URL =
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
C:\Program Files (x86)\McAfee Security Scan
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Jiří\AppData\Local\Temp
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {7A40E807-C607-4C49-8717-B3CF76428B27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)
Task: {96142655-E999-401B-AFCD-42E8155C0BD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#10 Příspěvek od curt-xx »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Jiří (26-12-2018 11:43:02) Run:1
Running from C:\Users\Jiří\Desktop
Loaded Profiles: Jiří (Available Profiles: Jiří & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-593153708-520586577-4045992680-1001\...\Run: [BingSvc] => C:\Users\Ji��\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (� 2015 Microsoft Corporation)
C:\Users\Ji��\AppData\Local\Microsoft\BingSvc
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-593153708-520586577-4045992680-1001 -> {AE94C91B-57B9-4494-B1AF-49A46188FDE9} URL =
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
C:\Program Files (x86)\McAfee Security Scan
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Ji��\AppData\Local\Temp
ShellIconOverlayIdentifiers: [00USBBlockerShellDs] -> {BE57AC86-892D-436E-B763-71DA8FA49A48} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRd] -> {FFBCBB89-938E-4412-88AF-AE7A531F95C1} => -> No File
ShellIconOverlayIdentifiers: [00USBBlockerShellRw] -> {42D4ABFA-0604-45F1-9A7C-622F85614BAB} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {7A40E807-C607-4C49-8717-B3CF76428B27} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)
Task: {96142655-E999-401B-AFCD-42E8155C0BD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-01-10] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-593153708-520586577-4045992680-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
"C:\Users\Ji��\AppData\Local\Microsoft\BingSvc" => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-593153708-520586577-4045992680-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-593153708-520586577-4045992680-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-593153708-520586577-4045992680-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE94C91B-57B9-4494-B1AF-49A46188FDE9}" => removed successfully
HKLM\Software\Classes\CLSID\{AE94C91B-57B9-4494-B1AF-49A46188FDE9} => not found
"HKLM\System\CurrentControlSet\Services\McComponentHostService" => removed successfully
McComponentHostService => service removed successfully
C:\Program Files (x86)\McAfee Security Scan => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"C:\Users\Ji��\AppData\Local\Temp" => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00USBBlockerShellDs" => removed successfully
HKLM\Software\Classes\CLSID\{BE57AC86-892D-436E-B763-71DA8FA49A48} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00USBBlockerShellRd" => removed successfully
HKLM\Software\Classes\CLSID\{FFBCBB89-938E-4412-88AF-AE7A531F95C1} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00USBBlockerShellRw" => removed successfully
HKLM\Software\Classes\CLSID\{42D4ABFA-0604-45F1-9A7C-622F85614BAB} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7A40E807-C607-4C49-8717-B3CF76428B27}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A40E807-C607-4C49-8717-B3CF76428B27}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{96142655-E999-401B-AFCD-42E8155C0BD8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96142655-E999-401B-AFCD-42E8155C0BD8}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14589823 B
Java, Flash, Steam htmlcache => 1079 B
Windows/system/drivers => 6313213 B
Edge => 0 B
Chrome => 13446453 B
Firefox => 423202796 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 13078 B
systemprofile32 => 3838137 B
LocalService => 2480 B
NetworkService => 0 B
Jiří => 7457619 B
Administrator => 17844 B

RecycleBin => 129738 B
EmptyTemp: => 455.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:44:33 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119426
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#11 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
curt-xx
Návštěvník
Návštěvník
Příspěvky: 183
Registrován: 18 pro 2005 15:37

Re: Prosím o kontrolu logu

#12 Příspěvek od curt-xx »

díky moc, opravdu znatelné zrychlení
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119426
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o kontrolu logu

#13 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“