
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Cluttered laptop
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use remote assistance services, in which an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hi
My son cluttered up my wife's laptop with various installations. Now the laptop freezes, runs slowly, and all sorts of nonsense keeps popping up. Could you please take a look at the log and advise on some cleanup? Thank you
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jana at 2019-10-05 11:52:44
Microsoft Windows 10 Home
System drive C: has 4 GB (13%) free of 29 GB
Total RAM: 1977 MB (16% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:53:06, on 05.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
C:\WINDOWS\System32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\3NOD\Lenovokb.exe
C:\Program Files\Smart File Advisor\SFAUpdater.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\WINDOWS\system32\MusNotifyIcon.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\conhost.exe
C:\Program Files\McAfee\WebAdvisor\browserhost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\Jana\Downloads\RSIT.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
C:\Program Files\trend micro\Jana.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [3nodkey] C:\Windows\3NOD\LenovoKB.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 8683 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30 974584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-11 486816]
"3nodkey"=C:\Windows\3NOD\LenovoKB.exe [2015-08-12 6416384]
"Smart File Advisor"=C:\Program Files\Smart File Advisor\sfa.exe [2017-06-19 282352]
"SFAUpdater"=C:\Program Files\Smart File Advisor\SFAUpdater.exe [2015-03-27 656656]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2015-07-29 103528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-09-25 1592440]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 3880640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-05 11:52:44 ----D---- C:\rsit
2019-10-05 11:52:44 ----D---- C:\Program Files\trend micro
2019-09-20 21:58:55 ----D---- C:\Program Files\bookingDesktopApp
2019-09-20 21:58:23 ----D---- C:\Program Files\Booking
2019-09-20 21:56:59 ----D---- C:\Program Files\McAfee
2019-09-20 21:56:28 ----D---- C:\ProgramData\McAfee
2019-09-19 22:39:57 ----D---- C:\Program Files\Nox
======List of files/folders modified in the last 1 month======
2019-10-05 11:52:56 ----D---- C:\WINDOWS\Temp
2019-10-05 11:52:49 ----D---- C:\WINDOWS\Prefetch
2019-10-05 11:52:44 ----RD---- C:\Program Files
2019-10-05 11:44:08 ----D---- C:\WINDOWS\system32\sru
2019-10-05 11:43:33 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-05 11:43:28 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 10:46:21 ----D---- C:\WINDOWS\AppReadiness
2019-10-05 10:46:18 ----HD---- C:\Program Files\WindowsApps
2019-10-05 10:33:49 ----D---- C:\WINDOWS\System32
2019-10-05 10:33:49 ----D---- C:\WINDOWS\INF
2019-10-05 10:33:49 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 10:33:41 ----D---- C:\WINDOWS\system32\config
2019-10-05 08:10:06 ----D---- C:\WINDOWS\system32\drivers\wd
2019-10-05 08:10:04 ----D---- C:\WINDOWS\system32\LogFiles
2019-09-30 13:34:47 ----D---- C:\WINDOWS\Minidump
2019-09-25 14:08:23 ----D---- C:\Windows
2019-09-25 11:13:00 ----D---- C:\WINDOWS\Logs
2019-09-25 11:03:45 ----D---- C:\WINDOWS\system32\Tasks
2019-09-23 19:47:23 ----RD---- C:\WINDOWS\Microsoft.NET
2019-09-21 12:58:10 ----D---- C:\WINDOWS\LiveKernelReports
2019-09-20 22:04:09 ----SHDC---- C:\WINDOWS\Installer
2019-09-20 21:56:28 ----HD---- C:\ProgramData
2019-09-20 21:56:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42:24 ----D---- C:\WINDOWS\WinSxS
2019-09-19 22:42:13 ----D---- C:\Program Files\Common Files\microsoft shared
2019-09-19 22:42:06 ----D---- C:\WINDOWS\Registration
2019-09-19 18:42:43 ----D---- C:\WINDOWS\system32\catroot2
2019-09-17 19:38:24 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 44560]
R0 MBI;@oem19.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-06-16 33792]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-11 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-11 49560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-11 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-11 7680]
R1 MpKsl523ab0ad;MpKsl523ab0ad; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{933BCCE1-603B-4B19-BF3D-71F3DF6963B8}\MpKsl523ab0ad.sys [2019-09-19 49504]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 336896]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 65024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 89600]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-11 66560]
R3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-04-11 23040]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-11 100352]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-11 50584]
R3 camera;@oem10.inf,%iacamera.DeviceDesc%;Intel(R) AVStream Camera; C:\WINDOWS\system32\DRIVERS\iacamera32.sys [2015-07-09 697360]
R3 DptfDevDBPT;DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2015-06-23 55816]
R3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2015-06-23 59392]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2015-06-23 85000]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2015-06-23 203264]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2015-06-23 467968]
R3 dtlitescsibus;@oem25.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-03 26168]
R3 dtliteusbbus;@oem3.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-03 40504]
R3 GPIO;@oem7.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-06-10 34176]
R3 GpioVirtual;@oem8.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [2015-06-10 27496]
R3 iaioi2c;@oem5.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2015-06-18 57360]
R3 iaiouart;@oem23.inf,%iaiouart.SVCDESC%;UART Controller; C:\WINDOWS\System32\drivers\iaiouart.sys [2015-06-10 98560]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2016-11-09 3048928]
R3 IntelBatteryManagement;@oem2.inf,%IntelBatteryManagement.SVCDESC%;Intel(R) Battery Management Service; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [2015-07-01 47104]
R3 IntelSST;@oem29.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\WINDOWS\system32\drivers\isstrtc.sys [2015-11-10 277264]
R3 iwdbus;@oem26.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 35320]
R3 PMIC;@oem24.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\WINDOWS\System32\drivers\PMIC.sys [2015-06-16 77424]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-11 150528]
R3 rtii2sac;@oem21.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [2015-06-12 208624]
R3 RtkUart;@oem6.inf,%RtkBtUart.SVCDESC%;Realtek Bluetooth UART Bus Driver Service; C:\WINDOWS\System32\drivers\RtkUart.sys [2015-07-20 557312]
R3 RtlWlans;@netrtwlans.inf,%RtlWlans.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n SDIO Network Adapter; C:\WINDOWS\System32\drivers\rtwlans.sys [2018-04-11 6555136]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-10-18 1943808]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-11 693144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-11 118680]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-11 103320]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-11 105368]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-11 64408]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-11 71576]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-11 51608]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-11 54680]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-11 32664]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-11 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-11 13312]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 74040]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-06-07 870400]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-11 61440]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-11 27648]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-11 102400]
S3 DptfDevAmbient;DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [2015-06-23 88584]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-11 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-11 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-11 18944]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-11 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-11 74240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-11 30208]
S3 intaud_WaveExtensible;@oem1.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 44016]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-11 24064]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-11 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-11 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-11 43424]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-11 122368]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-11 13312]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-11 71168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BTDevManager;BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [2015-07-16 147160]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CDPUserSvc_2f0c8;Uživatelská služba platformy připojených zařízení_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 DptfParticipantProcessorService;@oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2015-07-29 108648]
R2 DptfPolicyCriticalService;@oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2015-07-29 105576]
R2 DptfPolicyLpmService;@oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2015-07-29 115816]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-09 292832]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2019-09-30 684688]
R2 OneSyncSvc_2f0c8;Hostitel synchronizace_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 625008]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 316728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2354368]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2018-03-05 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService_2f0c8;Uživatelská služba pro GameDVR a vysílání her_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService_2f0c8;Služba pro podporu uživatelů Bluetooth_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2016-11-09 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicePickerUserSvc_2f0c8;DevicePicker_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc_2f0c8;Tok zařízení_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 68096]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 959984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-07-18 271296]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService_2f0c8;Služba zasílání zpráv_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc_2f0c8;Data kontaktů_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc_2f0c8;PrintWorkflow_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-11 871424]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 679424]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-11 267264]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-19 353792]
-----------------EOF-----------------
S3 BcastDVRUserService_2f0c8;Uživatelská služba pro GameDVR a vysílání her_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService_2f0c8;Služba pro podporu uživatelů Bluetooth_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2016-11-09 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicePickerUserSvc_2f0c8;DevicePicker_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc_2f0c8;Tok zařízení_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 68096]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 959984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [2015-07-18 271296]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService_2f0c8;Služba zasílání zpráv_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc_2f0c8;Data kontaktů_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc_2f0c8;PrintWorkflow_2f0c8; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-11 871424]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 679424]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-11 267264]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-19 353792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/
close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just launch it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is solved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Cluttered laptop
Thank you for the reply. Here is the log.
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-05-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Solvusoft
Deleted C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\izito.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\solvusoft.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.izito.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.solvusoft.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\izito.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\solvusoft.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.izito.cz
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.solvusoft.com
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Smart File Advisor_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [17268 octets] - [05/10/2019 16:57:09]
AdwCleaner[S00].txt - [3661 octets] - [05/10/2019 16:58:23]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
OK. Now post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679.

Re: Cluttered laptop
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jana at 2019-10-05 20:11:11
Microsoft Windows 10 Home
System drive C: has 4 GB (13%) free of 29 GB
Total RAM: 1977 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:16, on 05.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\3NOD\Lenovokb.exe
C:\Program Files\Smart File Advisor\SFAUpdater.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\WINDOWS\system32\MusNotifyIcon.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\System32\smartscreen.exe
C:\Users\Jana\Downloads\RSIT.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [3nodkey] C:\Windows\3NOD\LenovoKB.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 7704 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30 974584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-11 486816]
"3nodkey"=C:\Windows\3NOD\LenovoKB.exe [2015-08-12 6416384]
"Smart File Advisor"=C:\Program Files\Smart File Advisor\sfa.exe [2017-06-19 282352]
"SFAUpdater"=C:\Program Files\Smart File Advisor\SFAUpdater.exe [2015-03-27 656656]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2015-07-29 103528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-05 1592440]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 3880640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-05 16:57:09 ----D---- C:\AdwCleaner
2019-10-05 11:52:44 ----D---- C:\rsit
2019-10-05 11:52:44 ----D---- C:\Program Files\trend micro
2019-09-20 21:58:55 ----D---- C:\Program Files\bookingDesktopApp
2019-09-20 21:58:23 ----D---- C:\Program Files\Booking
2019-09-20 21:56:59 ----D---- C:\Program Files\McAfee
2019-09-20 21:56:28 ----D---- C:\ProgramData\McAfee
2019-09-19 22:39:57 ----D---- C:\Program Files\Nox
======List of files/folders modified in the last 1 month======
2019-10-05 20:11:14 ----D---- C:\WINDOWS\Temp
2019-10-05 20:04:50 ----D---- C:\WINDOWS\Prefetch
2019-10-05 20:04:03 ----D---- C:\WINDOWS\system32\sru
2019-10-05 20:02:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-05 20:02:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 18:00:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-05 17:05:30 ----D---- C:\WINDOWS\System32
2019-10-05 17:05:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 17:05:29 ----D---- C:\WINDOWS\INF
2019-10-05 17:01:12 ----D---- C:\WINDOWS\system32\Tasks
2019-10-05 17:01:09 ----D---- C:\WINDOWS\AppReadiness
2019-10-05 17:00:25 ----D---- C:\WINDOWS\system32\catroot2
2019-10-05 17:00:13 ----D---- C:\Program Files\Lenovo
2019-10-05 17:00:11 ----HD---- C:\ProgramData
2019-10-05 13:17:07 ----D---- C:\WINDOWS\Logs
2019-10-05 13:16:53 ----D---- C:\WINDOWS\system32\config
2019-10-05 13:13:49 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-05 11:52:44 ----RD---- C:\Program Files
2019-10-05 10:46:18 ----HD---- C:\Program Files\WindowsApps
2019-10-05 08:10:06 ----D---- C:\WINDOWS\system32\drivers\wd
2019-09-30 13:34:47 ----D---- C:\WINDOWS\Minidump
2019-09-25 14:08:23 ----D---- C:\Windows
2019-09-21 12:58:10 ----D---- C:\WINDOWS\LiveKernelReports
2019-09-20 22:04:09 ----SHDC---- C:\WINDOWS\Installer
2019-09-20 21:56:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42:24 ----D---- C:\WINDOWS\WinSxS
2019-09-19 22:42:13 ----D---- C:\Program Files\Common Files\microsoft shared
2019-09-19 22:42:06 ----D---- C:\WINDOWS\Registration
2019-09-17 19:38:24 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 44560]
R0 MBI;@oem19.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-06-16 33792]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-11 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-11 49560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-11 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-11 7680]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 336896]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 65024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 89600]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-11 66560]
R3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-04-11 23040]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-11 100352]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-11 50584]
R3 camera;@oem10.inf,%iacamera.DeviceDesc%;Intel(R) AVStream Camera; C:\WINDOWS\system32\DRIVERS\iacamera32.sys [2015-07-09 697360]
R3 DptfDevDBPT;DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2015-06-23 55816]
R3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2015-06-23 59392]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2015-06-23 85000]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2015-06-23 203264]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2015-06-23 467968]
R3 dtlitescsibus;@oem25.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-03 26168]
R3 dtliteusbbus;@oem3.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-03 40504]
R3 GPIO;@oem7.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-06-10 34176]
R3 GpioVirtual;@oem8.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [2015-06-10 27496]
R3 iaioi2c;@oem5.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2015-06-18 57360]
R3 iaiouart;@oem23.inf,%iaiouart.SVCDESC%;UART Controller; C:\WINDOWS\System32\drivers\iaiouart.sys [2015-06-10 98560]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2016-11-09 3048928]
R3 IntelBatteryManagement;@oem2.inf,%IntelBatteryManagement.SVCDESC%;Intel(R) Battery Management Service; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [2015-07-01 47104]
R3 IntelSST;@oem29.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\WINDOWS\system32\drivers\isstrtc.sys [2015-11-10 277264]
R3 iwdbus;@oem26.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 35320]
R3 PMIC;@oem24.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\WINDOWS\System32\drivers\PMIC.sys [2015-06-16 77424]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-11 150528]
R3 rtii2sac;@oem21.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [2015-06-12 208624]
R3 RtkUart;@oem6.inf,%RtkBtUart.SVCDESC%;Realtek Bluetooth UART Bus Driver Service; C:\WINDOWS\System32\drivers\RtkUart.sys [2015-07-20 557312]
R3 RtlWlans;@netrtwlans.inf,%RtlWlans.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n SDIO Network Adapter; C:\WINDOWS\System32\drivers\rtwlans.sys [2018-04-11 6555136]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-10-18 1943808]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-11 693144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-11 118680]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-11 103320]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-11 105368]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-11 64408]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-11 71576]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-11 51608]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-11 54680]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-11 32664]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-11 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-11 13312]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 74040]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-06-07 870400]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-11 61440]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-11 27648]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-11 102400]
S3 DptfDevAmbient;DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [2015-06-23 88584]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-11 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-11 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-11 18944]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-11 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-11 74240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-11 30208]
S3 intaud_WaveExtensible;@oem1.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 44016]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-11 24064]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-11 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-11 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-11 43424]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-11 122368]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-11 13312]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-11 71168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BTDevManager;BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [2015-07-16 147160]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CDPUserSvc_26eb9;Uživatelská služba platformy připojených zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 DptfParticipantProcessorService;@oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2015-07-29 108648]
R2 DptfPolicyCriticalService;@oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2015-07-29 105576]
R2 DptfPolicyLpmService;@oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2015-07-29 115816]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-09 292832]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2019-09-30 684688]
R2 OneSyncSvc_26eb9;Hostitel synchronizace_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 625008]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 316728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2354368]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2018-03-05 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService_26eb9;Uživatelská služba pro GameDVR a vysílání her_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService_26eb9;Služba pro podporu uživatelů Bluetooth_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2016-11-09 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicePickerUserSvc_26eb9;DevicePicker_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc_26eb9;Tok zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 68096]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 959984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe []
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService_26eb9;Služba zasílání zpráv_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc_26eb9;Data kontaktů_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc_26eb9;PrintWorkflow_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-11 871424]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 679424]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-11 267264]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-19 353792]
-----------------EOF-----------------
Run by Jana at 2019-10-05 20:11:11
Microsoft Windows 10 Home
System drive C: has 4 GB (13%) free of 29 GB
Total RAM: 1977 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:16, on 05.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\3NOD\Lenovokb.exe
C:\Program Files\Smart File Advisor\SFAUpdater.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\WINDOWS\system32\MusNotifyIcon.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\System32\smartscreen.exe
C:\Users\Jana\Downloads\RSIT.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [3nodkey] C:\Windows\3NOD\LenovoKB.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 7704 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30 974584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-11 486816]
"3nodkey"=C:\Windows\3NOD\LenovoKB.exe [2015-08-12 6416384]
"Smart File Advisor"=C:\Program Files\Smart File Advisor\sfa.exe [2017-06-19 282352]
"SFAUpdater"=C:\Program Files\Smart File Advisor\SFAUpdater.exe [2015-03-27 656656]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2015-07-29 103528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-05 1592440]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 3880640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-05 16:57:09 ----D---- C:\AdwCleaner
2019-10-05 11:52:44 ----D---- C:\rsit
2019-10-05 11:52:44 ----D---- C:\Program Files\trend micro
2019-09-20 21:58:55 ----D---- C:\Program Files\bookingDesktopApp
2019-09-20 21:58:23 ----D---- C:\Program Files\Booking
2019-09-20 21:56:59 ----D---- C:\Program Files\McAfee
2019-09-20 21:56:28 ----D---- C:\ProgramData\McAfee
2019-09-19 22:39:57 ----D---- C:\Program Files\Nox
======List of files/folders modified in the last 1 month======
2019-10-05 20:11:14 ----D---- C:\WINDOWS\Temp
2019-10-05 20:04:50 ----D---- C:\WINDOWS\Prefetch
2019-10-05 20:04:03 ----D---- C:\WINDOWS\system32\sru
2019-10-05 20:02:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-05 20:02:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 18:00:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-05 17:05:30 ----D---- C:\WINDOWS\System32
2019-10-05 17:05:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 17:05:29 ----D---- C:\WINDOWS\INF
2019-10-05 17:01:12 ----D---- C:\WINDOWS\system32\Tasks
2019-10-05 17:01:09 ----D---- C:\WINDOWS\AppReadiness
2019-10-05 17:00:25 ----D---- C:\WINDOWS\system32\catroot2
2019-10-05 17:00:13 ----D---- C:\Program Files\Lenovo
2019-10-05 17:00:11 ----HD---- C:\ProgramData
2019-10-05 13:17:07 ----D---- C:\WINDOWS\Logs
2019-10-05 13:16:53 ----D---- C:\WINDOWS\system32\config
2019-10-05 13:13:49 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-05 11:52:44 ----RD---- C:\Program Files
2019-10-05 10:46:18 ----HD---- C:\Program Files\WindowsApps
2019-10-05 08:10:06 ----D---- C:\WINDOWS\system32\drivers\wd
2019-09-30 13:34:47 ----D---- C:\WINDOWS\Minidump
2019-09-25 14:08:23 ----D---- C:\Windows
2019-09-21 12:58:10 ----D---- C:\WINDOWS\LiveKernelReports
2019-09-20 22:04:09 ----SHDC---- C:\WINDOWS\Installer
2019-09-20 21:56:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42:24 ----D---- C:\WINDOWS\WinSxS
2019-09-19 22:42:13 ----D---- C:\Program Files\Common Files\microsoft shared
2019-09-19 22:42:06 ----D---- C:\WINDOWS\Registration
2019-09-17 19:38:24 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 44560]
R0 MBI;@oem19.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-06-16 33792]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-11 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-11 49560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-11 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-11 7680]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 336896]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 65024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 89600]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-11 66560]
R3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-04-11 23040]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-11 100352]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-11 50584]
R3 camera;@oem10.inf,%iacamera.DeviceDesc%;Intel(R) AVStream Camera; C:\WINDOWS\system32\DRIVERS\iacamera32.sys [2015-07-09 697360]
R3 DptfDevDBPT;DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2015-06-23 55816]
R3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2015-06-23 59392]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2015-06-23 85000]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2015-06-23 203264]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2015-06-23 467968]
R3 dtlitescsibus;@oem25.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-03 26168]
R3 dtliteusbbus;@oem3.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-03 40504]
R3 GPIO;@oem7.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-06-10 34176]
R3 GpioVirtual;@oem8.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [2015-06-10 27496]
R3 iaioi2c;@oem5.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2015-06-18 57360]
R3 iaiouart;@oem23.inf,%iaiouart.SVCDESC%;UART Controller; C:\WINDOWS\System32\drivers\iaiouart.sys [2015-06-10 98560]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2016-11-09 3048928]
R3 IntelBatteryManagement;@oem2.inf,%IntelBatteryManagement.SVCDESC%;Intel(R) Battery Management Service; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [2015-07-01 47104]
R3 IntelSST;@oem29.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\WINDOWS\system32\drivers\isstrtc.sys [2015-11-10 277264]
R3 iwdbus;@oem26.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 35320]
R3 PMIC;@oem24.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\WINDOWS\System32\drivers\PMIC.sys [2015-06-16 77424]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-11 150528]
R3 rtii2sac;@oem21.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [2015-06-12 208624]
R3 RtkUart;@oem6.inf,%RtkBtUart.SVCDESC%;Realtek Bluetooth UART Bus Driver Service; C:\WINDOWS\System32\drivers\RtkUart.sys [2015-07-20 557312]
R3 RtlWlans;@netrtwlans.inf,%RtlWlans.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n SDIO Network Adapter; C:\WINDOWS\System32\drivers\rtwlans.sys [2018-04-11 6555136]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-10-18 1943808]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-11 693144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-11 118680]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-11 103320]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-11 105368]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-11 64408]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-11 71576]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-11 51608]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-11 54680]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-11 32664]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-11 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-11 13312]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 74040]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-06-07 870400]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-11 61440]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-11 27648]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-11 102400]
S3 DptfDevAmbient;DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [2015-06-23 88584]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-11 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-11 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-11 18944]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-11 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-11 74240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-11 30208]
S3 intaud_WaveExtensible;@oem1.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 44016]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-11 24064]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-11 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-11 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-11 43424]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-11 122368]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-11 13312]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-11 71168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BTDevManager;BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [2015-07-16 147160]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CDPUserSvc_26eb9;Uživatelská služba platformy připojených zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 DptfParticipantProcessorService;@oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2015-07-29 108648]
R2 DptfPolicyCriticalService;@oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2015-07-29 105576]
R2 DptfPolicyLpmService;@oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2015-07-29 115816]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-09 292832]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2019-09-30 684688]
R2 OneSyncSvc_26eb9;Hostitel synchronizace_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 625008]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 316728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2354368]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2018-03-05 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService_26eb9;Uživatelská služba pro GameDVR a vysílání her_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService_26eb9;Služba pro podporu uživatelů Bluetooth_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2016-11-09 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicePickerUserSvc_26eb9;DevicePicker_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc_26eb9;Tok zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 68096]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 959984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe []
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService_26eb9;Služba zasílání zpráv_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc_26eb9;Data kontaktů_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc_26eb9;PrintWorkflow_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-11 871424]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 679424]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-11 267264]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-19 353792]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
I didn't ask for an RSIT log, but for FRST+Addition. See the link above. On Windows 10, RSIT cannot be used for removal because of the risk of damaging the system.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Cluttered laptop
I apologize, hopefully it's right this time.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jana at 2019-10-05 20:11:11
Microsoft Windows 10 Home
System drive C: has 4 GB (13%) free of 29 GB
Total RAM: 1977 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:16, on 05.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\3NOD\Lenovokb.exe
C:\Program Files\Smart File Advisor\SFAUpdater.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\WINDOWS\system32\MusNotifyIcon.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\System32\smartscreen.exe
C:\Users\Jana\Downloads\RSIT.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [3nodkey] C:\Windows\3NOD\LenovoKB.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 7704 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30 974584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-11 486816]
"3nodkey"=C:\Windows\3NOD\LenovoKB.exe [2015-08-12 6416384]
"Smart File Advisor"=C:\Program Files\Smart File Advisor\sfa.exe [2017-06-19 282352]
"SFAUpdater"=C:\Program Files\Smart File Advisor\SFAUpdater.exe [2015-03-27 656656]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2015-07-29 103528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-05 1592440]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 3880640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-05 16:57:09 ----D---- C:\AdwCleaner
2019-10-05 11:52:44 ----D---- C:\rsit
2019-10-05 11:52:44 ----D---- C:\Program Files\trend micro
2019-09-20 21:58:55 ----D---- C:\Program Files\bookingDesktopApp
2019-09-20 21:58:23 ----D---- C:\Program Files\Booking
2019-09-20 21:56:59 ----D---- C:\Program Files\McAfee
2019-09-20 21:56:28 ----D---- C:\ProgramData\McAfee
2019-09-19 22:39:57 ----D---- C:\Program Files\Nox
======List of files/folders modified in the last 1 month======
2019-10-05 20:11:14 ----D---- C:\WINDOWS\Temp
2019-10-05 20:04:50 ----D---- C:\WINDOWS\Prefetch
2019-10-05 20:04:03 ----D---- C:\WINDOWS\system32\sru
2019-10-05 20:02:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-05 20:02:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 18:00:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-05 17:05:30 ----D---- C:\WINDOWS\System32
2019-10-05 17:05:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 17:05:29 ----D---- C:\WINDOWS\INF
2019-10-05 17:01:12 ----D---- C:\WINDOWS\system32\Tasks
2019-10-05 17:01:09 ----D---- C:\WINDOWS\AppReadiness
2019-10-05 17:00:25 ----D---- C:\WINDOWS\system32\catroot2
2019-10-05 17:00:13 ----D---- C:\Program Files\Lenovo
2019-10-05 17:00:11 ----HD---- C:\ProgramData
2019-10-05 13:17:07 ----D---- C:\WINDOWS\Logs
2019-10-05 13:16:53 ----D---- C:\WINDOWS\system32\config
2019-10-05 13:13:49 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-05 11:52:44 ----RD---- C:\Program Files
2019-10-05 10:46:18 ----HD---- C:\Program Files\WindowsApps
2019-10-05 08:10:06 ----D---- C:\WINDOWS\system32\drivers\wd
2019-09-30 13:34:47 ----D---- C:\WINDOWS\Minidump
2019-09-25 14:08:23 ----D---- C:\Windows
2019-09-21 12:58:10 ----D---- C:\WINDOWS\LiveKernelReports
2019-09-20 22:04:09 ----SHDC---- C:\WINDOWS\Installer
2019-09-20 21:56:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42:24 ----D---- C:\WINDOWS\WinSxS
2019-09-19 22:42:13 ----D---- C:\Program Files\Common Files\microsoft shared
2019-09-19 22:42:06 ----D---- C:\WINDOWS\Registration
2019-09-17 19:38:24 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 44560]
R0 MBI;@oem19.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-06-16 33792]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-11 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-11 49560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-11 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-11 7680]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 336896]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 65024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 89600]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-11 66560]
R3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-04-11 23040]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-11 100352]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-11 50584]
R3 camera;@oem10.inf,%iacamera.DeviceDesc%;Intel(R) AVStream Camera; C:\WINDOWS\system32\DRIVERS\iacamera32.sys [2015-07-09 697360]
R3 DptfDevDBPT;DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2015-06-23 55816]
R3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2015-06-23 59392]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2015-06-23 85000]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2015-06-23 203264]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2015-06-23 467968]
R3 dtlitescsibus;@oem25.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-03 26168]
R3 dtliteusbbus;@oem3.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-03 40504]
R3 GPIO;@oem7.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-06-10 34176]
R3 GpioVirtual;@oem8.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [2015-06-10 27496]
R3 iaioi2c;@oem5.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2015-06-18 57360]
R3 iaiouart;@oem23.inf,%iaiouart.SVCDESC%;UART Controller; C:\WINDOWS\System32\drivers\iaiouart.sys [2015-06-10 98560]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2016-11-09 3048928]
R3 IntelBatteryManagement;@oem2.inf,%IntelBatteryManagement.SVCDESC%;Intel(R) Battery Management Service; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [2015-07-01 47104]
R3 IntelSST;@oem29.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\WINDOWS\system32\drivers\isstrtc.sys [2015-11-10 277264]
R3 iwdbus;@oem26.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 35320]
R3 PMIC;@oem24.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\WINDOWS\System32\drivers\PMIC.sys [2015-06-16 77424]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-11 150528]
R3 rtii2sac;@oem21.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [2015-06-12 208624]
R3 RtkUart;@oem6.inf,%RtkBtUart.SVCDESC%;Realtek Bluetooth UART Bus Driver Service; C:\WINDOWS\System32\drivers\RtkUart.sys [2015-07-20 557312]
R3 RtlWlans;@netrtwlans.inf,%RtlWlans.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n SDIO Network Adapter; C:\WINDOWS\System32\drivers\rtwlans.sys [2018-04-11 6555136]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-10-18 1943808]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-11 693144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-11 118680]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-11 103320]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-11 105368]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-11 64408]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-11 71576]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-11 51608]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-11 54680]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-11 32664]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-11 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-11 13312]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 74040]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-06-07 870400]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-11 61440]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-11 27648]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-11 102400]
S3 DptfDevAmbient;DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [2015-06-23 88584]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-11 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-11 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-11 18944]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-11 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-11 74240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-11 30208]
S3 intaud_WaveExtensible;@oem1.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 44016]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-11 24064]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-11 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-11 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-11 43424]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-11 122368]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-11 13312]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-11 71168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BTDevManager;BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [2015-07-16 147160]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CDPUserSvc_26eb9;Uživatelská služba platformy připojených zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 DptfParticipantProcessorService;@oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2015-07-29 108648]
R2 DptfPolicyCriticalService;@oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2015-07-29 105576]
R2 DptfPolicyLpmService;@oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2015-07-29 115816]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-09 292832]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2019-09-30 684688]
R2 OneSyncSvc_26eb9;Hostitel synchronizace_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 625008]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 316728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2354368]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2018-03-05 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService_26eb9;Uživatelská služba pro GameDVR a vysílání her_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService_26eb9;Služba pro podporu uživatelů Bluetooth_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2016-11-09 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicePickerUserSvc_26eb9;DevicePicker_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc_26eb9;Tok zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 68096]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 959984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe []
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService_26eb9;Služba zasílání zpráv_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc_26eb9;Data kontaktů_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc_26eb9;PrintWorkflow_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-11 871424]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 679424]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-11 267264]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-19 353792]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Jana at 2019-10-05 20:11:11
Microsoft Windows 10 Home
System drive C: has 4 GB (13%) free of 29 GB
Total RAM: 1977 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:11:16, on 05.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\WebAdvisor\UIHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\3NOD\Lenovokb.exe
C:\Program Files\Smart File Advisor\SFAUpdater.exe
C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\WINDOWS\system32\MusNotifyIcon.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\System32\smartscreen.exe
C:\Users\Jana\Downloads\RSIT.exe
C:\Program Files\trend micro\Jana.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo15.msn.com/?pc=LCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://lenovo15.msn.com/?pc=LCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [3nodkey] C:\Windows\3NOD\LenovoKB.exe
O4 - HKLM\..\Run: [Smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc
O4 - HKLM\..\Run: [SFAUpdater] "C:\Program Files\Smart File Advisor\SFAUpdater.exe"
O4 - HKLM\..\Run: [DptfPolicyLpmServiceHelper] C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" -automount
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\system32\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application (DptfParticipantProcessorService) - Intel Corporation - C:\WINDOWS\system32\DptfParticipantProcessorService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application (DptfPolicyCriticalService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyCriticalService.exe
O23 - Service: @oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application (DptfPolicyLpmService) - Intel Corporation - C:\WINDOWS\system32\DptfPolicyLpmService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Intel Corporation - C:\WINDOWS\system32\igfxCUIService.exe
O23 - Service: LSCWinService - Unknown owner - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, Inc. - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
--
End of file - 7704 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30 974584]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-11 486816]
"3nodkey"=C:\Windows\3NOD\LenovoKB.exe [2015-08-12 6416384]
"Smart File Advisor"=C:\Program Files\Smart File Advisor\sfa.exe [2017-06-19 282352]
"SFAUpdater"=C:\Program Files\Smart File Advisor\SFAUpdater.exe [2015-03-27 656656]
"DptfPolicyLpmServiceHelper"=C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [2015-07-29 103528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-10-05 1592440]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2017-08-14 3880640]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-05 16:57:09 ----D---- C:\AdwCleaner
2019-10-05 11:52:44 ----D---- C:\rsit
2019-10-05 11:52:44 ----D---- C:\Program Files\trend micro
2019-09-20 21:58:55 ----D---- C:\Program Files\bookingDesktopApp
2019-09-20 21:58:23 ----D---- C:\Program Files\Booking
2019-09-20 21:56:59 ----D---- C:\Program Files\McAfee
2019-09-20 21:56:28 ----D---- C:\ProgramData\McAfee
2019-09-19 22:39:57 ----D---- C:\Program Files\Nox
======List of files/folders modified in the last 1 month======
2019-10-05 20:11:14 ----D---- C:\WINDOWS\Temp
2019-10-05 20:04:50 ----D---- C:\WINDOWS\Prefetch
2019-10-05 20:04:03 ----D---- C:\WINDOWS\system32\sru
2019-10-05 20:02:44 ----D---- C:\WINDOWS\system32\SleepStudy
2019-10-05 20:02:39 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 18:00:02 ----D---- C:\WINDOWS\system32\LogFiles
2019-10-05 17:05:30 ----D---- C:\WINDOWS\System32
2019-10-05 17:05:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 17:05:29 ----D---- C:\WINDOWS\INF
2019-10-05 17:01:12 ----D---- C:\WINDOWS\system32\Tasks
2019-10-05 17:01:09 ----D---- C:\WINDOWS\AppReadiness
2019-10-05 17:00:25 ----D---- C:\WINDOWS\system32\catroot2
2019-10-05 17:00:13 ----D---- C:\Program Files\Lenovo
2019-10-05 17:00:11 ----HD---- C:\ProgramData
2019-10-05 13:17:07 ----D---- C:\WINDOWS\Logs
2019-10-05 13:16:53 ----D---- C:\WINDOWS\system32\config
2019-10-05 13:13:49 ----RD---- C:\WINDOWS\Microsoft.NET
2019-10-05 11:52:44 ----RD---- C:\Program Files
2019-10-05 10:46:18 ----HD---- C:\Program Files\WindowsApps
2019-10-05 08:10:06 ----D---- C:\WINDOWS\system32\drivers\wd
2019-09-30 13:34:47 ----D---- C:\WINDOWS\Minidump
2019-09-25 14:08:23 ----D---- C:\Windows
2019-09-21 12:58:10 ----D---- C:\WINDOWS\LiveKernelReports
2019-09-20 22:04:09 ----SHDC---- C:\WINDOWS\Installer
2019-09-20 21:56:23 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42:24 ----D---- C:\WINDOWS\WinSxS
2019-09-19 22:42:13 ----D---- C:\Program Files\Common Files\microsoft shared
2019-09-19 22:42:06 ----D---- C:\WINDOWS\Registration
2019-09-17 19:38:24 ----D---- C:\WINDOWS\CbsTemp
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 44560]
R0 MBI;@oem19.inf,%MBI.SVCDESC%;Intel(R) Sideband Fabric Device Service; C:\WINDOWS\System32\drivers\MBI.sys [2015-06-16 33792]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-11 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-11 49560]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-11 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-11 7680]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2019-03-14 336896]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 36864]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2019-03-14 65024]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 89600]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-11 66560]
R3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2018-04-11 23040]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-11 100352]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-11 50584]
R3 camera;@oem10.inf,%iacamera.DeviceDesc%;Intel(R) AVStream Camera; C:\WINDOWS\system32\DRIVERS\iacamera32.sys [2015-07-09 697360]
R3 DptfDevDBPT;DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [2015-06-23 55816]
R3 DptfDevDisplay;DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [2015-06-23 59392]
R3 DptfDevGen;DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [2015-06-23 85000]
R3 DptfDevProc;DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [2015-06-23 203264]
R3 DptfManager;DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [2015-06-23 467968]
R3 dtlitescsibus;@oem25.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-03 26168]
R3 dtliteusbbus;@oem3.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-03 40504]
R3 GPIO;@oem7.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpioe.sys [2015-06-10 34176]
R3 GpioVirtual;@oem8.inf,%Driver_Service.Desc%;GPED Virtual GPIO controller driver; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [2015-06-10 27496]
R3 iaioi2c;@oem5.inf,%Driver_Service.Desc%;I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2ce.sys [2015-06-18 57360]
R3 iaiouart;@oem23.inf,%iaiouart.SVCDESC%;UART Controller; C:\WINDOWS\System32\drivers\iaiouart.sys [2015-06-10 98560]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2016-11-09 3048928]
R3 IntelBatteryManagement;@oem2.inf,%IntelBatteryManagement.SVCDESC%;Intel(R) Battery Management Service; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [2015-07-01 47104]
R3 IntelSST;@oem29.inf,%IntelSST_Audio.SvcDesc%;Intel SST Audio Device (WDM); C:\WINDOWS\system32\drivers\isstrtc.sys [2015-11-10 277264]
R3 iwdbus;@oem26.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 35320]
R3 PMIC;@oem24.inf,%Driver_Service.Desc%;Intel(R) Power Management IC Device Service; C:\WINDOWS\System32\drivers\PMIC.sys [2015-06-16 77424]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-11 150528]
R3 rtii2sac;@oem21.inf,%CodecDevice.SVCDESC%;Realtek I2S Audio Codec Device Driver; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [2015-06-12 208624]
R3 RtkUart;@oem6.inf,%RtkBtUart.SVCDESC%;Realtek Bluetooth UART Bus Driver Service; C:\WINDOWS\System32\drivers\RtkUart.sys [2015-07-20 557312]
R3 RtlWlans;@netrtwlans.inf,%RtlWlans.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n SDIO Network Adapter; C:\WINDOWS\System32\drivers\rtwlans.sys [2018-04-11 6555136]
R3 rtsuvc;@oem22.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2016-10-18 1943808]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-11 693144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-11 118680]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-11 103320]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-11 105368]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-11 64408]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-11 71576]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-11 51608]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-11 54680]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-11 32664]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-06-15 39840]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-11 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-11 13312]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 74040]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2019-06-07 870400]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2018-04-11 61440]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-11 27648]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-11 102400]
S3 DptfDevAmbient;DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [2015-06-23 88584]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-11 17408]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-11 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-11 18944]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-11 28672]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-11 74240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-11 30208]
S3 intaud_WaveExtensible;@oem1.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-12-01 44016]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-11 24064]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-11 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-11 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-11 43424]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-11 122368]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-11 13312]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-11 71168]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BTDevManager;BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [2015-07-16 147160]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CDPUserSvc_26eb9;Uživatelská služba platformy připojených zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 DptfParticipantProcessorService;@oem20.inf,%WIN32_DPTF_PARTICIPANT_PROC_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Processor Participant Service Application; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [2015-07-29 108648]
R2 DptfPolicyCriticalService;@oem20.inf,%WIN32_DPTF_POLICY_CRITICAL_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Critical Service Application; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [2015-07-29 105576]
R2 DptfPolicyLpmService;@oem20.inf,%WIN32_DPTF_POLICY_LPM_SERVICE_DISPLAY_NAME%;Intel(R) Dynamic Platform & Thermal Framework Low Power Mode Service Application; C:\WINDOWS\system32\DptfPolicyLpmService.exe [2015-07-29 115816]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-09 292832]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2019-09-30 684688]
R2 OneSyncSvc_26eb9;Hostitel synchronizace_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-14 625008]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-08-26 316728]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-08-14 2354368]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2018-03-05 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2012-01-05 75624]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BcastDVRUserService_26eb9;Uživatelská služba pro GameDVR a vysílání her_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 BluetoothUserService_26eb9;Služba pro podporu uživatelů Bluetooth_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-09-20 102400]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\system32\IntelCpHeciSvc.exe [2016-11-09 299488]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicePickerUserSvc_26eb9;DevicePicker_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevicesFlowUserSvc_26eb9;Tok zařízení_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2019-05-03 68096]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 959984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2018-06-12 153168]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 LSCWinService;LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe []
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 MessagingService_26eb9;Služba zasílání zpráv_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PimIndexMaintenanceSvc_26eb9;Data kontaktů_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PrintWorkflowUserSvc_26eb9;PrintWorkflow_26eb9; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-11 871424]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 71456]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-06-08 679424]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2018-04-11 267264]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 71456]
S4 ssh-agent;OpenSSH Authentication Agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-03-19 353792]
-----------------EOF-----------------
Re: Cluttered laptop
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-10-2019
Ran by Jana (05-10-2019 21:13:34)
Running from C:\Users\Jana\Downloads
Microsoft Windows 10 Home Version 1803 17134.885 (X86) (2018-05-22 19:52:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1188802740-2568223325-2750341654-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1188802740-2568223325-2750341654-503 - Limited - Disabled)
Guest (S-1-5-21-1188802740-2568223325-2750341654-501 - Limited - Disabled)
Jana (S-1-5-21-1188802740-2568223325-2750341654-1001 - Administrator - Enabled) => C:\Users\Jana
WDAGUtilityAccount (S-1-5-21-1188802740-2568223325-2750341654-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Booking (HKLM\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Euro Truck Simulator 2 verze 1.28.1.3s (HKLM\...\{DB6EFE86-E081-423C-8AC4-D3A1419C7833}_is1) (Version: 1.28.1.3s - )
Google Chrome (HKLM\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Cheat Engine 6.7 (HKLM\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
Lenovo Keyboard Driver (HKLM\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: 1.0.15.0812 - 3NOD)
Lenovo EasyCamera (HKLM\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Solution Center (HKLM\...\{74C3EF3E-2A0D-470A-9EDC-884D5F85644F}) (Version: 3.0.003.00 - Lenovo)
McAfee WebAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.100 - McAfee, LLC.)
Microsoft Office (HKLM\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
REALTEK Bluetooth (HKLM\...\{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.102.50724 - REALTEK Semiconductor Corp.) Hidden
REALTEK Bluetooth (HKLM\...\InstallShield_{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.102.50724 - Realtek Semiconductor Corp.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 9.12 - Ghisler Software GmbH)
User Manuals (HKLM\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)
Packages:
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.149.100.0_x86__kgqvnymyfvs32 [2019-10-05] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-23] (Canon Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-03-18] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-02] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x86__8wekyb3d8bbwe [2018-02-13] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x86__8wekyb3d8bbwe [2019-08-29] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x86__8wekyb3d8bbwe [2019-07-28] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x86__8wekyb3d8bbwe [2019-09-12] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x86__8wekyb3d8bbwe [2019-07-28] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x86__8wekyb3d8bbwe [2019-09-25] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files\Alcohol Soft\Alcohol 52\AxShlex.dll [2014-09-06] (Alcohol Soft -> Alcohol Soft Development Team)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-11-17 23:51 - 2014-09-09 14:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2016-03-02 17:03 - 2015-06-09 04:20 - 000045056 _____ () [File not signed] C:\Windows\3NOD\hidhook.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sduaento.sys:changelist [282]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 10:28 - 2015-07-10 10:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D37E1D05-0FCF-420C-8602-75009B6B54D6}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{D20543C9-3968-4A29-8C69-DAEA016284C3}] => (Allow) C:\Program Files\Nox\bin\Nox.exe No File
FirewallRules: [{061199D6-0ED3-4CFF-9C8F-F87494C5B35B}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
FirewallRules: [{EA47133D-9BF2-4F7A-A8B8-1DA389673FCA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Codecs (Whitelisted) ==================
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:27.87 GB) (Free:3.67 GB) (13%)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/20/2019 09:57:02 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-SVDUHAMF)
Description: httphttp-2147467263
Error: (09/20/2019 09:54:28 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-SVDUHAMF)
Description: httphttp-2147467263
Error: (09/20/2019 09:53:37 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-SVDUHAMF)
Description: httphttp-2147467263
Error: (09/19/2019 10:41:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Nox.exe, verze: 6.3.0.8, časové razítko: 0x10deaed0
Název chybujícího modulu: VBoxApi.dll, verze: 0.0.0.0, časové razítko: 0x5d6fb16a
Kód výjimky: 0xc0000417
Posun chyby: 0x00055585
ID chybujícího procesu: 0x1a70
Čas spuštění chybující aplikace: 0x01d56f2a908264b3
Cesta k chybující aplikaci: C:\Program Files\Nox\bin\Nox.exe
Cesta k chybujícímu modulu: C:\Program Files\Nox\bin\VBoxApi.dll
ID zprávy: f82fb2be-c433-476c-ae87-5b01ef896d88
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (09/17/2019 09:46:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MicrosoftEdgeCP.exe, verze: 11.0.17134.858, časové razítko: 0x5d01d4d9
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.885, časové razítko: 0x44df46fc
Kód výjimky: 0x8007000e
Posun chyby: 0x00118872
ID chybujícího procesu: 0x1eec
Čas spuštění chybující aplikace: 0x01d56d840bccd2fb
Cesta k chybující aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 6d95cc11-16b2-44f6-bac4-6f7d43aba8a0
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ContentProcess
Error: (09/11/2019 02:24:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\DRIVERS\TouchPad\dpinst.exe se nezdařilo.
Závislé sestavení Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (09/10/2019 11:33:52 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-SVDUHAMF)
Description: httphttp-2147467263
Error: (08/14/2019 12:01:03 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program MicrosoftEdgeCP.exe verze 11.0.17134.858 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.
ID procesu: 950
Čas spuštění: 01d55216ba089c53
Čas ukončení: 23
Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
ID hlášení: 0a6975ce-4207-41ef-aeda-d4ac501547fe
Úplný název balíčku s chybou: Microsoft.MicrosoftEdge_42.17134.1.0_neutral__8wekyb3d8bbwe
ID aplikace související s balíčkem s chybou: ContentProcess
System errors:
=============
Error: (10/05/2019 08:11:49 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SVDUHAMF)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-SVDUHAMF\Jana (SID: S-1-5-21-1188802740-2568223325-2750341654-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 08:07:38 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SVDUHAMF)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-SVDUHAMF\Jana (SID: S-1-5-21-1188802740-2568223325-2750341654-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:03:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:03:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:02:33 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SVDUHAMF)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-SVDUHAMF\Jana (SID: S-1-5-21-1188802740-2568223325-2750341654-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:01:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:01:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:01:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Kód chyby: 126
Windows Defender:
===================================
Date: 2019-10-05 21:08:38.126
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jana\Downloads\FRST.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-SVDUHAMF\Jana
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.303.950.0, AS: 1.303.950.0, NIS: 1.303.950.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-05 21:03:37.758
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jana\Downloads\FRST.exe; webfile:_C:\Users\Jana\Downloads\FRST.exe|https://download.bleepingcomputer.com/d ... 7080250309
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: LAPTOP-SVDUHAMF\Jana
Název procesu: Unknown
Verze podpisu: AV: 1.303.950.0, AS: 1.303.950.0, NIS: 1.303.950.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-09-23 20:13:35.042
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {09334356-A7EA-4AC3-9FAE-8BE9DB71387A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-09-23 20:02:33.985
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D54B60D7-6188-46D6-93BB-E84E5C3A9359}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-09-23 19:48:52.602
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {ED98F336-2A0C-4691-B370-6334A942C8AB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-09-25 11:12:32.967
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.301.2099.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-09-12 06:50:47.622
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.301.1024.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x8024402c
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-08-08 20:24:18.035
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.299.1362.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-08-01 10:41:32.415
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.299.847.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x8024402c
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-07-12 15:49:18.808
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.941.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
==================== Memory info ===========================
BIOS: LENOVO E2CN15WW 09/12/2018
Motherboard: LENOVO Aristotle 11.6
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 80%
Total physical RAM: 1977.13 MB
Available physical RAM: 382.72 MB
Total Virtual: 2937.13 MB
Available Virtual: 422.69 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:27.87 GB) (Free:3.67 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{6325b3dd-2763-4e16-ba3b-fa87cdfa7114}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{4391eb2c-c284-4307-b073-7c6e3e949485}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: B9E15D3B)
Partition: GPT.
==================== End of Addition.txt ============================
System errors:
=============
Error: (10/05/2019 08:11:49 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SVDUHAMF)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-SVDUHAMF\Jana (SID: S-1-5-21-1188802740-2568223325-2750341654-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 08:07:38 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SVDUHAMF)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-SVDUHAMF\Jana (SID: S-1-5-21-1188802740-2568223325-2750341654-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:03:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:03:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:02:33 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SVDUHAMF)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-SVDUHAMF\Jana (SID: S-1-5-21-1188802740-2568223325-2750341654-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:01:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:01:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/05/2019 05:01:00 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.
Cesta k modulu: C:\WINDOWS\system32\Rtlihvs.dll
Kód chyby: 126
Windows Defender:
===================================
Date: 2019-10-05 21:08:38.126
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jana\Downloads\FRST.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-SVDUHAMF\Jana
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.303.950.0, AS: 1.303.950.0, NIS: 1.303.950.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-10-05 21:03:37.758
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
ID: 2147735505
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Jana\Downloads\FRST.exe; webfile:_C:\Users\Jana\Downloads\FRST.exe|https://download.bleepingcomputer.com/d ... 7080250309
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: LAPTOP-SVDUHAMF\Jana
Název procesu: Unknown
Verze podpisu: AV: 1.303.950.0, AS: 1.303.950.0, NIS: 1.303.950.0
Verze modulu: AM: 1.1.16400.2, NIS: 1.1.16400.2
Date: 2019-09-23 20:13:35.042
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {09334356-A7EA-4AC3-9FAE-8BE9DB71387A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-09-23 20:02:33.985
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D54B60D7-6188-46D6-93BB-E84E5C3A9359}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-09-23 19:48:52.602
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {ED98F336-2A0C-4691-B370-6334A942C8AB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-09-25 11:12:32.967
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.301.2099.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80240016
Popis chyby

Date: 2019-09-12 06:50:47.622
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.301.1024.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x8024402c
Popis chyby

Date: 2019-08-08 20:24:18.035
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.299.1362.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x80240016
Popis chyby

Date: 2019-08-01 10:41:32.415
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.299.847.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16200.1
Kód chyby: 0x8024402c
Popis chyby

Date: 2019-07-12 15:49:18.808
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.941.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby

==================== Memory info ===========================
BIOS: LENOVO E2CN15WW 09/12/2018
Motherboard: LENOVO Aristotle 11.6
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 80%
Total physical RAM: 1977.13 MB
Available physical RAM: 382.72 MB
Total Virtual: 2937.13 MB
Available Virtual: 422.69 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:27.87 GB) (Free:3.67 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{6325b3dd-2763-4e16-ba3b-fa87cdfa7114}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{4391eb2c-c284-4307-b073-7c6e3e949485}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: B9E15D3B)
Partition: GPT.
==================== End of Addition.txt ============================
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
This is only Additional. I still need to see the contents of the frst.txt file. It is in C:\Users\Jana\Downloads. Please read everything I write to you. That is the only way we will reach the goal.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning malware from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.
Re: Cluttered laptop
Sorry... the log is here
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-10-2019
Ran by Jana (administrator) on LAPTOP-SVDUHAMF (LENOVO 80R2) (05-10-2019 21:11:09)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana (Available Profiles: Jana)
Platform: Microsoft Windows 10 Home Version 1803 17134.885 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(3NOD) [File not signed] C:\Windows\3NOD\Lenovokb.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Filefacts.net) [File not signed] C:\Program Files\Smart File Advisor\SFAUpdater.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Realtek Semiconductor Corp -> ) C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(StarWind Software) [File not signed] C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [3nodkey] => C:\Windows\3NOD\LenovoKB.exe [6416384 2015-08-12] (3NOD) [File not signed]
HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [282352 2017-06-19] (Total PC -> Filefacts.net)
HKLM\...\Run: [SFAUpdater] => C:\Program Files\Smart File Advisor\SFAUpdater.exe [656656 2015-03-27] (Filefacts.net) [File not signed]
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [103528 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3880640 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-30] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BBAD8E8-172A-4FBE-89B4-ED6BBE96E8EE} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {480FA9E6-AE35-47BA-828C-F203CBB02EF2} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
Task: {48E2B3BA-C2A5-4E36-827E-7F12262B69D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5EB1DE3B-E9FC-41DD-8BA1-7F14CAC2292A} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
Task: {6BD126E5-7263-4524-9926-2A0148014169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
Task: {6C7C6DBC-FA53-4293-A356-AF6ADD88A901} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F767A32-2607-434D-9781-4D0996275E3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {731A2ED0-2D62-44B2-BBE2-C1BB3A99232E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E3E0647-B8E1-41A2-9313-45EB4C708E50} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7FCBDA19-43D0-412A-B17C-EE07B19EB470} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {8232E6C2-A41A-4CB0-A334-9243F4741820} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {885F83F6-6FC7-4673-B924-D1882F27247B} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {96552BB5-55FC-45BF-9EB5-B9494DE11503} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-18] (LENOVO -> Lenovo)
Task: {BE4D6493-D09E-4258-A40A-6DFBA7AFC421} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {CC06CF09-C89F-4459-9AE8-24F71558382E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
Task: {E993F50C-2FAD-4606-85AA-894E348301EE} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.48.181.35 77.48.181.33
Tcpip\..\Interfaces\{941bd24c-6d21-417c-af39-b90f92fe36fd}: [DhcpNameServer] 77.48.181.35 77.48.181.33
Internet Explorer:
==================
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> DefaultScope {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30] (McAfee, LLC -> McAfee, Inc.)
Edge:
======
DownloadDir: C:\Users\Jana\Downloads
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-09-30]
FF Plugin: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-20] (bookingDesktopApp.) [File not signed]
FF Plugin: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-20] (bookingDesktopApp.) [File not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G10&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2019-10-05]
CHR Extension: (Prezentace) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-12]
CHR Extension: (Dokumenty) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-12]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-12]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-12]
CHR Extension: (Tabulky) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
S2 bookingdesktopapp; C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [147160 2015-07-16] (Realtek Semiconductor Corp -> )
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [299488 2016-11-09] (Intel(R) pGFX -> Intel Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2354368 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [108648 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [105576 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [115816 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [292832 2016-11-09] (Intel(R) pGFX -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [684688 2019-09-30] (McAfee, LLC -> McAfee, Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [2136112 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [85032 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [33792 2015-06-16] (Intel(R) Baytrail Wintablet -> Intel Corporation)
S1 sduaento; C:\WINDOWS\system32\drivers\sduaento.sys [63448 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [274656 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [38624 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 1394ohci; \SystemRoot\System32\drivers\1394ohci.sys [X]
S3 AcpiDev; \SystemRoot\System32\drivers\AcpiDev.sys [X]
R3 acpipagr; \SystemRoot\System32\drivers\acpipagr.sys [X]
S3 AcpiPmi; \SystemRoot\System32\drivers\acpipmi.sys [X]
S3 acpitime; \SystemRoot\System32\drivers\acpitime.sys [X]
R1 AFD; \SystemRoot\system32\drivers\afd.sys [X]
R1 afunix; \SystemRoot\system32\drivers\afunix.sys [X]
S3 AmdK8; \SystemRoot\System32\drivers\amdk8.sys [X]
S3 AmdPPM; \SystemRoot\System32\drivers\amdppm.sys [X]
S3 AsyncMac; \SystemRoot\System32\drivers\asyncmac.sys [X]
R1 BasicDisplay; \SystemRoot\System32\drivers\BasicDisplay.sys [X]
R1 BasicRender; \SystemRoot\System32\drivers\BasicRender.sys [X]
S3 bcmfn2; \SystemRoot\System32\drivers\bcmfn2.sys [X]
S3 bindflt; \SystemRoot\system32\drivers\bindflt.sys [X]
R3 BthEnum; \SystemRoot\System32\drivers\BthEnum.sys [X]
S3 BthHFEnum; \SystemRoot\System32\drivers\bthhfenum.sys [X]
R3 BthLEEnum; \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [X]
R3 BthMini; \SystemRoot\System32\drivers\BTHMINI.sys [X]
S3 BTHMODEM; \SystemRoot\System32\drivers\bthmodem.sys [X]
R3 BthPan; \SystemRoot\System32\drivers\bthpan.sys [X]
S3 BTHPORT; \SystemRoot\System32\drivers\BTHport.sys [X]
S3 BTHUSB; \SystemRoot\system32\DRIVERS\BTHUSB.sys [X]
S3 buttonconverter; \SystemRoot\System32\drivers\buttonconverter.sys [X]
R3 CAD; \SystemRoot\System32\drivers\CAD.sys [X]
R3 camera; \SystemRoot\system32\DRIVERS\iacamera32.sys [X]
S3 CapImg; \SystemRoot\System32\drivers\capimg.sys [X]
R1 cdrom; \SystemRoot\System32\drivers\cdrom.sys [X]
S3 circlass; \SystemRoot\System32\drivers\circlass.sys [X]
R3 CmBatt; \SystemRoot\System32\drivers\CmBatt.sys [X]
R3 CompositeBus; \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_x86_c85919060d451803\CompositeBus.sys [X]
S3 dmvsc; \SystemRoot\System32\drivers\dmvsc.sys [X]
S3 DptfDevAmbient; \SystemRoot\System32\drivers\DptfDevAmbient.sys [X]
R3 DptfDevDBPT; \SystemRoot\System32\drivers\DptfDevPower.sys [X]
R3 DptfDevDisplay; \SystemRoot\System32\drivers\DptfDevDisplay.sys [X]
R3 DptfDevGen; \SystemRoot\System32\drivers\DptfDevGen.sys [X]
R3 DptfDevProc; \SystemRoot\System32\drivers\DptfDevProc.sys [X]
R3 DptfManager; \SystemRoot\System32\drivers\DptfManager.sys [X]
S3 drmkaud; \SystemRoot\System32\drivers\drmkaud.sys [X]
R3 dtlitescsibus; \SystemRoot\System32\drivers\dtlitescsibus.sys [X]
R3 dtliteusbbus; \SystemRoot\System32\drivers\dtliteusbbus.sys [X]
R1 DXGKrnl; \SystemRoot\System32\drivers\dxgkrnl.sys [X]
S3 ErrDev; \SystemRoot\System32\drivers\errdev.sys [X]
S3 fdc; \SystemRoot\System32\drivers\fdc.sys [X]
S3 flpydisk; \SystemRoot\System32\drivers\flpydisk.sys [X]
S3 gencounter; \SystemRoot\System32\drivers\vmgencounter.sys [X]
S3 genericusbfn; \SystemRoot\System32\drivers\genericusbfn.sys [X]
R3 GPIO; \SystemRoot\System32\drivers\iaiogpioe.sys [X]
R3 GpioVirtual; \SystemRoot\System32\drivers\iaiogpiovirtual.sys [X]
S3 HDAudBus; \SystemRoot\System32\drivers\HDAudBus.sys [X]
S3 HidBatt; \SystemRoot\System32\drivers\HidBatt.sys [X]
S3 HidBth; \SystemRoot\System32\drivers\hidbth.sys [X]
R3 hidi2c; \SystemRoot\System32\drivers\hidi2c.sys [X]
S3 hidinterrupt; \SystemRoot\System32\drivers\hidinterrupt.sys [X]
S3 HidIr; \SystemRoot\System32\drivers\hidir.sys [X]
S3 HidUsb; \SystemRoot\System32\drivers\hidusb.sys [X]
S3 hyperkbd; \SystemRoot\System32\drivers\hyperkbd.sys [X]
S3 HyperVideo; \SystemRoot\System32\drivers\HyperVideo.sys [X]
S3 i8042prt; \SystemRoot\System32\drivers\i8042prt.sys [X]
S3 iagpio; \SystemRoot\System32\drivers\iagpio.sys [X]
S3 iai2c; \SystemRoot\System32\drivers\iai2c.sys [X]
R3 iaioi2c; \SystemRoot\System32\drivers\iaioi2ce.sys [X]
R3 iaiouart; \SystemRoot\System32\drivers\iaiouart.sys [X]
R3 igfx; \SystemRoot\system32\DRIVERS\igdkmd32.sys [X]
S3 IndirectKmd; \SystemRoot\System32\drivers\IndirectKmd.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
R3 IntelBatteryManagement; \SystemRoot\System32\drivers\IntelBatteryManagement.sys [X]
R3 intelppm; \SystemRoot\System32\drivers\intelppm.sys [X]
R3 IntelSST; \SystemRoot\system32\drivers\isstrtc.sys [X]
S3 IPMIDRV; \SystemRoot\System32\drivers\IPMIDrv.sys [X]
S3 IPT; \SystemRoot\System32\drivers\ipt.sys [X]
S3 irda; \SystemRoot\system32\drivers\irda.sys [X]
S3 iScsiPrt; \SystemRoot\System32\drivers\msiscsi.sys [X]
R3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
R3 kbdclass; \SystemRoot\System32\drivers\kbdclass.sys [X]
R3 kbdhid; \SystemRoot\System32\drivers\kbdhid.sys [X]
R3 kdnic; \SystemRoot\System32\drivers\kdnic.sys [X]
R2 luafv; \SystemRoot\system32\drivers\luafv.sys [X]
S3 mausbhost; \SystemRoot\System32\drivers\mausbhost.sys [X]
S3 mausbip; \SystemRoot\System32\drivers\mausbip.sys [X]
R2 MMCSS; \SystemRoot\system32\drivers\mmcss.sys [X]
R3 monitor; \SystemRoot\System32\drivers\monitor.sys [X]
R3 mouclass; \SystemRoot\System32\drivers\mouclass.sys [X]
R3 mouhid; \SystemRoot\System32\drivers\mouhid.sys [X]
S3 MRxDAV; \SystemRoot\system32\drivers\mrxdav.sys [X]
R3 msgpiowin32; \SystemRoot\System32\drivers\msgpiowin32.sys [X]
R3 mshidkmdf; \SystemRoot\System32\drivers\mshidkmdf.sys [X]
S3 mshidumdf; \SystemRoot\System32\drivers\mshidumdf.sys [X]
S3 MSKSSRV; \SystemRoot\System32\drivers\MSKSSRV.sys [X]
S3 MSPCLOCK; \SystemRoot\System32\drivers\MSPCLOCK.sys [X]
S3 MSPQM; \SystemRoot\System32\drivers\MSPQM.sys [X]
R1 mssmbios; \SystemRoot\System32\drivers\mssmbios.sys [X]
S3 MSTEE; \SystemRoot\System32\drivers\MSTEE.sys [X]
S3 MTConfig; \SystemRoot\System32\drivers\MTConfig.sys [X]
R3 NdisVirtualBus; \SystemRoot\System32\drivers\NdisVirtualBus.sys [X]
R3 NdisWan; \SystemRoot\System32\drivers\ndiswan.sys [X]
S3 netvsc; \SystemRoot\System32\drivers\netvsc.sys [X]
R1 npsvctrig; \SystemRoot\System32\drivers\npsvctrig.sys [X]
R3 Parport; \SystemRoot\System32\drivers\parport.sys [X]
S2 Parvdm; \SystemRoot\System32\drivers\parvdm.sys [X]
R3 PMIC; \SystemRoot\System32\drivers\PMIC.sys [X]
S3 PNPMEM; \SystemRoot\System32\drivers\pnpmem.sys [X]
R3 PptpMiniport; \SystemRoot\System32\drivers\raspptp.sys [X]
S3 Processor; \SystemRoot\System32\drivers\processr.sys [X]
S3 QWAVEdrv; \SystemRoot\system32\drivers\qwavedrv.sys [X]
R3 RasAgileVpn; \SystemRoot\System32\drivers\AgileVpn.sys [X]
R3 Rasl2tp; \SystemRoot\System32\drivers\rasl2tp.sys [X]
R3 RasSstp; \SystemRoot\System32\drivers\rassstp.sys [X]
R3 rdpbus; \SystemRoot\System32\drivers\rdpbus.sys [X]
R3 RFCOMM; \SystemRoot\System32\drivers\rfcomm.sys [X]
S3 rhproxy; \SystemRoot\System32\drivers\rhproxy.sys [X]
R3 rtii2sac; \SystemRoot\system32\DRIVERS\rtii2sac.sys [X]
R3 RtkUart; \SystemRoot\System32\drivers\RtkUart.sys [X]
R3 RtlWlans; \SystemRoot\System32\drivers\rtwlans.sys [X]
R3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
S3 s3cap; \SystemRoot\System32\drivers\vms3cap.sys [X]
R3 sdbus; \SystemRoot\System32\drivers\sdbus.sys [X]
R3 sdstor; \SystemRoot\System32\drivers\sdstor.sys [X]
S3 Serenum; \SystemRoot\System32\drivers\serenum.sys [X]
S3 Serial; \SystemRoot\System32\drivers\serial.sys [X]
S3 sermouse; \SystemRoot\System32\drivers\sermouse.sys [X]
S3 sfloppy; \SystemRoot\System32\drivers\sfloppy.sys [X]
R3 swenum; \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_x86_b61b7c3c8222e212\swenum.sys [X]
S3 Synth3dVsc; \SystemRoot\System32\drivers\Synth3dVsc.sys [X]
R1 tdx; \SystemRoot\system32\DRIVERS\tdx.sys [X]
S3 terminpt; \SystemRoot\System32\drivers\terminpt.sys [X]
R3 TPM; \SystemRoot\System32\drivers\tpm.sys [X]
S3 TsUsbGD; \SystemRoot\System32\drivers\TsUsbGD.sys [X]
R3 TXEI; \SystemRoot\System32\drivers\TXEI.sys [X]
S3 UASPStor; \SystemRoot\System32\drivers\uaspstor.sys [X]
S3 UcmUcsi; \SystemRoot\System32\drivers\UcmUcsi.sys [X]
R3 UEFI; \SystemRoot\System32\drivers\UEFI.sys [X]
S3 UfxChipidea; \SystemRoot\System32\drivers\UfxChipidea.sys [X]
S3 ufxsynopsys; \SystemRoot\System32\drivers\ufxsynopsys.sys [X]
R3 umbus; \SystemRoot\System32\drivers\umbus.sys [X]
S3 UmPass; \SystemRoot\System32\drivers\umpass.sys [X]
S3 UrsChipidea; \SystemRoot\System32\drivers\urschipidea.sys [X]
S3 UrsSynopsys; \SystemRoot\System32\drivers\urssynopsys.sys [X]
R3 usbccgp; \SystemRoot\System32\drivers\usbccgp.sys [X]
S3 usbcir; \SystemRoot\System32\drivers\usbcir.sys [X]
S3 usbehci; \SystemRoot\System32\drivers\usbehci.sys [X]
S3 usbhub; \SystemRoot\System32\drivers\usbhub.sys [X]
R3 USBHUB3; \SystemRoot\System32\drivers\UsbHub3.sys [X]
S3 usbohci; \SystemRoot\System32\drivers\usbohci.sys [X]
S3 usbprint; \SystemRoot\System32\drivers\usbprint.sys [X]
S3 usbscan; \SystemRoot\system32\DRIVERS\usbscan.sys [X]
S3 usbser; \SystemRoot\System32\drivers\usbser.sys [X]
S3 USBSTOR; \SystemRoot\System32\drivers\USBSTOR.SYS [X]
S3 usbuhci; \SystemRoot\System32\drivers\usbuhci.sys [X]
R3 USBXHCI; \SystemRoot\System32\drivers\USBXHCI.SYS [X]
S3 vhdmp; \SystemRoot\System32\drivers\vhdmp.sys [X]
S3 vhf; \SystemRoot\System32\drivers\vhf.sys [X]
S3 ViaC7; \SystemRoot\System32\drivers\viac7.sys [X]
S3 VMBusHID; \SystemRoot\System32\drivers\VMBusHID.sys [X]
S3 vmgid; \SystemRoot\System32\drivers\vmgid.sys [X]
R3 vwifibus; \SystemRoot\System32\drivers\vwifibus.sys [X]
R3 vwifimp; \SystemRoot\System32\drivers\vwifimp.sys [X]
S3 WacomPen; \SystemRoot\System32\drivers\wacompen.sys [X]
R2 wcifs; \SystemRoot\system32\drivers\wcifs.sys [X]
S3 wcnfs; \SystemRoot\system32\drivers\wcnfs.sys [X]
S3 wdm_usb; \SystemRoot\system32\DRIVERS\usb2ser.sys [X]
S3 WINUSB; \SystemRoot\System32\drivers\WinUSB.SYS [X]
S3 WmiAcpi; \SystemRoot\System32\drivers\wmiacpi.sys [X]
S4 ws2ifsl; \SystemRoot\system32\drivers\ws2ifsl.sys [X]
S3 WUDFWpdFs; \SystemRoot\system32\DRIVERS\WUDFRd.sys [X]
S3 WUDFWpdMtp; \SystemRoot\system32\DRIVERS\WUDFRd.sys [X]
S3 xboxgip; \SystemRoot\System32\drivers\xboxgip.sys [X]
S3 xinputhid; \SystemRoot\System32\drivers\xinputhid.sys [X]
S3 xusb22; \SystemRoot\System32\drivers\xusb22.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-05 21:11 - 2019-10-05 21:12 - 000029801 _____ C:\Users\Jana\Downloads\FRST.txt
2019-10-05 21:10 - 2019-10-05 21:10 - 000063448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sduaento.sys
2019-10-05 21:09 - 2019-10-05 21:11 - 000000000 ____D C:\FRST
2019-10-05 21:08 - 2019-10-05 21:08 - 001451008 _____ (Farbar) C:\Users\Jana\Downloads\FRST.exe
2019-10-05 20:04 - 2019-10-05 20:04 - 001615360 _____ (Farbar) C:\Users\Jana\Downloads\FRST64.exe
2019-10-05 16:57 - 2019-10-05 17:00 - 000000000 ____D C:\AdwCleaner
2019-10-05 16:55 - 2019-10-05 16:55 - 007636680 _____ (Malwarebytes) C:\Users\Jana\Downloads\adwcleaner_7.4.1 (1).exe
2019-10-05 16:54 - 2019-10-05 16:54 - 007636680 _____ (Malwarebytes) C:\Users\Jana\Downloads\adwcleaner_7.4.1.exe
2019-10-05 11:52 - 2019-10-05 20:11 - 000000000 ____D C:\Program Files\trend micro
2019-10-05 11:52 - 2019-10-05 11:53 - 000000000 ____D C:\rsit
2019-10-05 11:52 - 2019-10-05 11:52 - 001107968 _____ C:\Users\Jana\Downloads\RSIT.exe
2019-09-20 23:51 - 2019-09-20 23:52 - 182353119 _____ C:\Users\Jana\Downloads\Terraria.v1.3.5.3 (1).rar
2019-09-20 23:47 - 2019-09-20 23:48 - 182353119 _____ C:\Users\Jana\Downloads\Terraria.v1.3.5.3.rar
2019-09-20 23:37 - 2019-09-20 23:38 - 016538804 _____ C:\Users\Jana\Downloads\Speedrun.Squad.rar
2019-09-20 21:59 - 2019-09-20 22:00 - 043671552 _____ C:\Users\Jana\Downloads\EpicInstaller-10.5.4-fortnite.msi
2019-09-20 21:59 - 2019-09-20 21:59 - 000003536 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2019-09-20 21:59 - 2019-09-20 21:59 - 000003412 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2019-09-20 21:58 - 2019-09-20 21:58 - 000004015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2019-09-20 21:58 - 2019-09-20 21:58 - 000004003 _____ C:\Users\Public\Desktop\Booking.lnk
2019-09-20 21:58 - 2019-09-20 21:58 - 000000000 ____D C:\Program Files\bookingDesktopApp
2019-09-20 21:58 - 2019-09-20 21:58 - 000000000 ____D C:\Program Files\Booking
2019-09-20 21:56 - 2019-09-20 21:56 - 000000000 ____D C:\ProgramData\McAfee
2019-09-20 21:56 - 2019-09-20 21:56 - 000000000 ____D C:\Program Files\McAfee
2019-09-19 22:50 - 2019-09-19 22:50 - 000000300 _____ C:\Users\Jana\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2019-09-19 22:46 - 2019-09-19 22:46 - 000000000 ____D C:\Users\Jana\.android
2019-09-19 22:44 - 2019-09-19 22:44 - 000000066 _____ C:\Users\Jana\inittk.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000053 _____ C:\Users\Jana\useruid.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000045 _____ C:\Users\Jana\nuuid.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000041 _____ C:\Users\Jana\inst.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000000 ___DC C:\Users\Jana\AppData\Local\NoxSrv
2019-09-19 22:44 - 2019-09-19 22:44 - 000000000 ____D C:\Users\Jana\Nox_share
2019-09-19 22:42 - 2019-09-19 22:43 - 000000000 ____D C:\Users\Jana\vmlogs
2019-09-19 22:39 - 2019-09-20 21:56 - 000000000 ___DC C:\Users\Jana\AppData\Local\Nox
2019-09-19 22:39 - 2019-09-20 21:56 - 000000000 ____D C:\Program Files\Nox
2019-09-19 22:14 - 2019-09-19 22:14 - 000911592 _____ (BlueStack Systems Inc.) C:\Users\Jana\Downloads\BlueStacksInstaller_4.130.1.1002_native_88e9374d75965ad8e74a10f70e145ea1 (1).exe
2019-09-19 22:13 - 2019-09-19 22:13 - 000911592 _____ (BlueStack Systems Inc.) C:\Users\Jana\Downloads\BlueStacksInstaller_4.130.1.1002_native_88e9374d75965ad8e74a10f70e145ea1.exe
2019-09-11 14:24 - 2019-09-20 23:53 - 000000000 ___DC C:\Users\Jana\Desktop\zabiják888
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-05 21:10 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 21:01 - 2018-05-22 21:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-05 17:05 - 2018-05-22 21:46 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 17:05 - 2018-04-12 06:53 - 000717824 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-05 17:05 - 2018-04-12 06:53 - 000145384 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-05 17:05 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-05 17:01 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-05 17:01 - 2016-10-18 11:41 - 000000000 __SHD C:\Users\Jana\IntelGraphicsProfiles
2019-10-05 17:00 - 2018-05-22 21:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-05 17:00 - 2018-04-11 14:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-05 17:00 - 2016-03-01 21:15 - 000000000 ____D C:\Program Files\Lenovo
2019-10-05 11:53 - 2018-05-22 21:52 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1188802740-2568223325-2750341654-1001
2019-10-05 11:53 - 2018-05-22 21:35 - 000002369 ____C C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-05 11:53 - 2016-10-18 11:44 - 000000000 ___RD C:\Users\Jana\OneDrive
2019-10-05 10:46 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-05 08:10 - 2018-03-01 10:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-04 11:28 - 2018-05-22 21:35 - 000000000 ____D C:\Users\Jana
2019-09-30 18:28 - 2018-06-12 11:36 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-30 18:28 - 2018-06-12 11:36 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-30 13:34 - 2018-05-24 07:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-30 13:34 - 2018-02-01 17:24 - 000000000 ___DC C:\Users\Jana\AppData\Local\Packages
2019-09-21 12:58 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-20 21:56 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Registration
2019-09-19 22:42 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-19 22:20 - 2019-08-28 22:32 - 000000000 ___DC C:\Users\Jana\AppData\Local\BlueStacks
2019-09-19 22:20 - 2019-08-28 22:32 - 000000000 ____D C:\Users\Public\BlueStacks
2019-09-17 19:38 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-10-2019
Ran by Jana (administrator) on LAPTOP-SVDUHAMF (LENOVO 80R2) (05-10-2019 21:11:09)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana (Available Profiles: Jana)
Platform: Microsoft Windows 10 Home Version 1803 17134.885 (X86) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(3NOD) [File not signed] C:\Windows\3NOD\Lenovokb.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Filefacts.net) [File not signed] C:\Program Files\Smart File Advisor\SFAUpdater.exe
(Google Inc -> Google LLC) C:\Program Files\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1909.6-0\MsMpEng.exe
(Realtek Semiconductor Corp -> ) C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x86__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(StarWind Software) [File not signed] C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [3nodkey] => C:\Windows\3NOD\LenovoKB.exe [6416384 2015-08-12] (3NOD) [File not signed]
HKLM\...\Run: [Smart File Advisor] => C:\Program Files\Smart File Advisor\sfa.exe [282352 2017-06-19] (Total PC -> Filefacts.net)
HKLM\...\Run: [SFAUpdater] => C:\Program Files\Smart File Advisor\SFAUpdater.exe [656656 2015-03-27] (Filefacts.net) [File not signed]
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [103528 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\Run: [AlcoholAutomount] => C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3880640 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-30] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BBAD8E8-172A-4FBE-89B4-ED6BBE96E8EE} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {480FA9E6-AE35-47BA-828C-F203CBB02EF2} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
Task: {48E2B3BA-C2A5-4E36-827E-7F12262B69D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5EB1DE3B-E9FC-41DD-8BA1-7F14CAC2292A} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
Task: {6BD126E5-7263-4524-9926-2A0148014169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
Task: {6C7C6DBC-FA53-4293-A356-AF6ADD88A901} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6F767A32-2607-434D-9781-4D0996275E3B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {731A2ED0-2D62-44B2-BBE2-C1BB3A99232E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MpCmdRun.exe [403816 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E3E0647-B8E1-41A2-9313-45EB4C708E50} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7FCBDA19-43D0-412A-B17C-EE07B19EB470} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe
Task: {8232E6C2-A41A-4CB0-A334-9243F4741820} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
Task: {885F83F6-6FC7-4673-B924-D1882F27247B} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe
Task: {96552BB5-55FC-45BF-9EB5-B9494DE11503} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-18] (LENOVO -> Lenovo)
Task: {BE4D6493-D09E-4258-A40A-6DFBA7AFC421} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
Task: {CC06CF09-C89F-4459-9AE8-24F71558382E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
Task: {E993F50C-2FAD-4606-85AA-894E348301EE} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 77.48.181.35 77.48.181.33
Tcpip\..\Interfaces\{941bd24c-6d21-417c-af39-b90f92fe36fd}: [DhcpNameServer] 77.48.181.35 77.48.181.33
Internet Explorer:
==================
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> DefaultScope {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-09-30] (McAfee, LLC -> McAfee, Inc.)
Edge:
======
DownloadDir: C:\Users\Jana\Downloads
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-09-30]
FF Plugin: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-20] (bookingDesktopApp.) [File not signed]
FF Plugin: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-20] (bookingDesktopApp.) [File not signed]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G10&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2019-10-05]
CHR Extension: (Prezentace) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-12]
CHR Extension: (Dokumenty) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-12]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-06-12]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-12]
CHR Extension: (Tabulky) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-12]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-09-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-04]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AxAutoMntSrv; C:\Program Files\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft -> Alcohol Soft Development Team)
S2 bookingdesktopapp; C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-20] (bookingDesktopApp.) [File not signed]
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [147160 2015-07-16] (Realtek Semiconductor Corp -> )
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [299488 2016-11-09] (Intel(R) pGFX -> Intel Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2354368 2017-08-14] (Disc Soft Ltd -> Disc Soft Ltd)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [108648 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [105576 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [115816 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [292832 2016-11-09] (Intel(R) pGFX -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [684688 2019-09-30] (McAfee, LLC -> McAfee, Inc.)
R2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [2136112 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [85032 2019-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [33792 2015-06-16] (Intel(R) Baytrail Wintablet -> Intel Corporation)
S1 sduaento; C:\WINDOWS\system32\drivers\sduaento.sys [63448 2019-10-05] (Microsoft Corporation -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [38280 2019-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [274656 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [38624 2019-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 1394ohci; \SystemRoot\System32\drivers\1394ohci.sys [X]
S3 AcpiDev; \SystemRoot\System32\drivers\AcpiDev.sys [X]
R3 acpipagr; \SystemRoot\System32\drivers\acpipagr.sys [X]
S3 AcpiPmi; \SystemRoot\System32\drivers\acpipmi.sys [X]
S3 acpitime; \SystemRoot\System32\drivers\acpitime.sys [X]
R1 AFD; \SystemRoot\system32\drivers\afd.sys [X]
R1 afunix; \SystemRoot\system32\drivers\afunix.sys [X]
S3 AmdK8; \SystemRoot\System32\drivers\amdk8.sys [X]
S3 AmdPPM; \SystemRoot\System32\drivers\amdppm.sys [X]
S3 AsyncMac; \SystemRoot\System32\drivers\asyncmac.sys [X]
R1 BasicDisplay; \SystemRoot\System32\drivers\BasicDisplay.sys [X]
R1 BasicRender; \SystemRoot\System32\drivers\BasicRender.sys [X]
S3 bcmfn2; \SystemRoot\System32\drivers\bcmfn2.sys [X]
S3 bindflt; \SystemRoot\system32\drivers\bindflt.sys [X]
R3 BthEnum; \SystemRoot\System32\drivers\BthEnum.sys [X]
S3 BthHFEnum; \SystemRoot\System32\drivers\bthhfenum.sys [X]
R3 BthLEEnum; \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [X]
R3 BthMini; \SystemRoot\System32\drivers\BTHMINI.sys [X]
S3 BTHMODEM; \SystemRoot\System32\drivers\bthmodem.sys [X]
R3 BthPan; \SystemRoot\System32\drivers\bthpan.sys [X]
S3 BTHPORT; \SystemRoot\System32\drivers\BTHport.sys [X]
S3 BTHUSB; \SystemRoot\system32\DRIVERS\BTHUSB.sys [X]
S3 buttonconverter; \SystemRoot\System32\drivers\buttonconverter.sys [X]
R3 CAD; \SystemRoot\System32\drivers\CAD.sys [X]
R3 camera; \SystemRoot\system32\DRIVERS\iacamera32.sys [X]
S3 CapImg; \SystemRoot\System32\drivers\capimg.sys [X]
R1 cdrom; \SystemRoot\System32\drivers\cdrom.sys [X]
S3 circlass; \SystemRoot\System32\drivers\circlass.sys [X]
R3 CmBatt; \SystemRoot\System32\drivers\CmBatt.sys [X]
R3 CompositeBus; \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_x86_c85919060d451803\CompositeBus.sys [X]
S3 dmvsc; \SystemRoot\System32\drivers\dmvsc.sys [X]
S3 DptfDevAmbient; \SystemRoot\System32\drivers\DptfDevAmbient.sys [X]
R3 DptfDevDBPT; \SystemRoot\System32\drivers\DptfDevPower.sys [X]
R3 DptfDevDisplay; \SystemRoot\System32\drivers\DptfDevDisplay.sys [X]
R3 DptfDevGen; \SystemRoot\System32\drivers\DptfDevGen.sys [X]
R3 DptfDevProc; \SystemRoot\System32\drivers\DptfDevProc.sys [X]
R3 DptfManager; \SystemRoot\System32\drivers\DptfManager.sys [X]
S3 drmkaud; \SystemRoot\System32\drivers\drmkaud.sys [X]
R3 dtlitescsibus; \SystemRoot\System32\drivers\dtlitescsibus.sys [X]
R3 dtliteusbbus; \SystemRoot\System32\drivers\dtliteusbbus.sys [X]
R1 DXGKrnl; \SystemRoot\System32\drivers\dxgkrnl.sys [X]
S3 ErrDev; \SystemRoot\System32\drivers\errdev.sys [X]
S3 fdc; \SystemRoot\System32\drivers\fdc.sys [X]
S3 flpydisk; \SystemRoot\System32\drivers\flpydisk.sys [X]
S3 gencounter; \SystemRoot\System32\drivers\vmgencounter.sys [X]
S3 genericusbfn; \SystemRoot\System32\drivers\genericusbfn.sys [X]
R3 GPIO; \SystemRoot\System32\drivers\iaiogpioe.sys [X]
R3 GpioVirtual; \SystemRoot\System32\drivers\iaiogpiovirtual.sys [X]
S3 HDAudBus; \SystemRoot\System32\drivers\HDAudBus.sys [X]
S3 HidBatt; \SystemRoot\System32\drivers\HidBatt.sys [X]
S3 HidBth; \SystemRoot\System32\drivers\hidbth.sys [X]
R3 hidi2c; \SystemRoot\System32\drivers\hidi2c.sys [X]
S3 hidinterrupt; \SystemRoot\System32\drivers\hidinterrupt.sys [X]
S3 HidIr; \SystemRoot\System32\drivers\hidir.sys [X]
S3 HidUsb; \SystemRoot\System32\drivers\hidusb.sys [X]
S3 hyperkbd; \SystemRoot\System32\drivers\hyperkbd.sys [X]
S3 HyperVideo; \SystemRoot\System32\drivers\HyperVideo.sys [X]
S3 i8042prt; \SystemRoot\System32\drivers\i8042prt.sys [X]
S3 iagpio; \SystemRoot\System32\drivers\iagpio.sys [X]
S3 iai2c; \SystemRoot\System32\drivers\iai2c.sys [X]
R3 iaioi2c; \SystemRoot\System32\drivers\iaioi2ce.sys [X]
R3 iaiouart; \SystemRoot\System32\drivers\iaiouart.sys [X]
R3 igfx; \SystemRoot\system32\DRIVERS\igdkmd32.sys [X]
S3 IndirectKmd; \SystemRoot\System32\drivers\IndirectKmd.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
R3 IntelBatteryManagement; \SystemRoot\System32\drivers\IntelBatteryManagement.sys [X]
R3 intelppm; \SystemRoot\System32\drivers\intelppm.sys [X]
R3 IntelSST; \SystemRoot\system32\drivers\isstrtc.sys [X]
S3 IPMIDRV; \SystemRoot\System32\drivers\IPMIDrv.sys [X]
S3 IPT; \SystemRoot\System32\drivers\ipt.sys [X]
S3 irda; \SystemRoot\system32\drivers\irda.sys [X]
S3 iScsiPrt; \SystemRoot\System32\drivers\msiscsi.sys [X]
R3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
R3 kbdclass; \SystemRoot\System32\drivers\kbdclass.sys [X]
R3 kbdhid; \SystemRoot\System32\drivers\kbdhid.sys [X]
R3 kdnic; \SystemRoot\System32\drivers\kdnic.sys [X]
R2 luafv; \SystemRoot\system32\drivers\luafv.sys [X]
S3 mausbhost; \SystemRoot\System32\drivers\mausbhost.sys [X]
S3 mausbip; \SystemRoot\System32\drivers\mausbip.sys [X]
R2 MMCSS; \SystemRoot\system32\drivers\mmcss.sys [X]
R3 monitor; \SystemRoot\System32\drivers\monitor.sys [X]
R3 mouclass; \SystemRoot\System32\drivers\mouclass.sys [X]
R3 mouhid; \SystemRoot\System32\drivers\mouhid.sys [X]
S3 MRxDAV; \SystemRoot\system32\drivers\mrxdav.sys [X]
R3 msgpiowin32; \SystemRoot\System32\drivers\msgpiowin32.sys [X]
R3 mshidkmdf; \SystemRoot\System32\drivers\mshidkmdf.sys [X]
S3 mshidumdf; \SystemRoot\System32\drivers\mshidumdf.sys [X]
S3 MSKSSRV; \SystemRoot\System32\drivers\MSKSSRV.sys [X]
S3 MSPCLOCK; \SystemRoot\System32\drivers\MSPCLOCK.sys [X]
S3 MSPQM; \SystemRoot\System32\drivers\MSPQM.sys [X]
R1 mssmbios; \SystemRoot\System32\drivers\mssmbios.sys [X]
S3 MSTEE; \SystemRoot\System32\drivers\MSTEE.sys [X]
S3 MTConfig; \SystemRoot\System32\drivers\MTConfig.sys [X]
R3 NdisVirtualBus; \SystemRoot\System32\drivers\NdisVirtualBus.sys [X]
R3 NdisWan; \SystemRoot\System32\drivers\ndiswan.sys [X]
S3 netvsc; \SystemRoot\System32\drivers\netvsc.sys [X]
R1 npsvctrig; \SystemRoot\System32\drivers\npsvctrig.sys [X]
R3 Parport; \SystemRoot\System32\drivers\parport.sys [X]
S2 Parvdm; \SystemRoot\System32\drivers\parvdm.sys [X]
R3 PMIC; \SystemRoot\System32\drivers\PMIC.sys [X]
S3 PNPMEM; \SystemRoot\System32\drivers\pnpmem.sys [X]
R3 PptpMiniport; \SystemRoot\System32\drivers\raspptp.sys [X]
S3 Processor; \SystemRoot\System32\drivers\processr.sys [X]
S3 QWAVEdrv; \SystemRoot\system32\drivers\qwavedrv.sys [X]
R3 RasAgileVpn; \SystemRoot\System32\drivers\AgileVpn.sys [X]
R3 Rasl2tp; \SystemRoot\System32\drivers\rasl2tp.sys [X]
R3 RasSstp; \SystemRoot\System32\drivers\rassstp.sys [X]
R3 rdpbus; \SystemRoot\System32\drivers\rdpbus.sys [X]
R3 RFCOMM; \SystemRoot\System32\drivers\rfcomm.sys [X]
S3 rhproxy; \SystemRoot\System32\drivers\rhproxy.sys [X]
R3 rtii2sac; \SystemRoot\system32\DRIVERS\rtii2sac.sys [X]
R3 RtkUart; \SystemRoot\System32\drivers\RtkUart.sys [X]
R3 RtlWlans; \SystemRoot\System32\drivers\rtwlans.sys [X]
R3 rtsuvc; \SystemRoot\system32\DRIVERS\rtsuvc.sys [X]
S3 s3cap; \SystemRoot\System32\drivers\vms3cap.sys [X]
R3 sdbus; \SystemRoot\System32\drivers\sdbus.sys [X]
R3 sdstor; \SystemRoot\System32\drivers\sdstor.sys [X]
S3 Serenum; \SystemRoot\System32\drivers\serenum.sys [X]
S3 Serial; \SystemRoot\System32\drivers\serial.sys [X]
S3 sermouse; \SystemRoot\System32\drivers\sermouse.sys [X]
S3 sfloppy; \SystemRoot\System32\drivers\sfloppy.sys [X]
R3 swenum; \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_x86_b61b7c3c8222e212\swenum.sys [X]
S3 Synth3dVsc; \SystemRoot\System32\drivers\Synth3dVsc.sys [X]
R1 tdx; \SystemRoot\system32\DRIVERS\tdx.sys [X]
S3 terminpt; \SystemRoot\System32\drivers\terminpt.sys [X]
R3 TPM; \SystemRoot\System32\drivers\tpm.sys [X]
S3 TsUsbGD; \SystemRoot\System32\drivers\TsUsbGD.sys [X]
R3 TXEI; \SystemRoot\System32\drivers\TXEI.sys [X]
S3 UASPStor; \SystemRoot\System32\drivers\uaspstor.sys [X]
S3 UcmUcsi; \SystemRoot\System32\drivers\UcmUcsi.sys [X]
R3 UEFI; \SystemRoot\System32\drivers\UEFI.sys [X]
S3 UfxChipidea; \SystemRoot\System32\drivers\UfxChipidea.sys [X]
S3 ufxsynopsys; \SystemRoot\System32\drivers\ufxsynopsys.sys [X]
R3 umbus; \SystemRoot\System32\drivers\umbus.sys [X]
S3 UmPass; \SystemRoot\System32\drivers\umpass.sys [X]
S3 UrsChipidea; \SystemRoot\System32\drivers\urschipidea.sys [X]
S3 UrsSynopsys; \SystemRoot\System32\drivers\urssynopsys.sys [X]
R3 usbccgp; \SystemRoot\System32\drivers\usbccgp.sys [X]
S3 usbcir; \SystemRoot\System32\drivers\usbcir.sys [X]
S3 usbehci; \SystemRoot\System32\drivers\usbehci.sys [X]
S3 usbhub; \SystemRoot\System32\drivers\usbhub.sys [X]
R3 USBHUB3; \SystemRoot\System32\drivers\UsbHub3.sys [X]
S3 usbohci; \SystemRoot\System32\drivers\usbohci.sys [X]
S3 usbprint; \SystemRoot\System32\drivers\usbprint.sys [X]
S3 usbscan; \SystemRoot\system32\DRIVERS\usbscan.sys [X]
S3 usbser; \SystemRoot\System32\drivers\usbser.sys [X]
S3 USBSTOR; \SystemRoot\System32\drivers\USBSTOR.SYS [X]
S3 usbuhci; \SystemRoot\System32\drivers\usbuhci.sys [X]
R3 USBXHCI; \SystemRoot\System32\drivers\USBXHCI.SYS [X]
S3 vhdmp; \SystemRoot\System32\drivers\vhdmp.sys [X]
S3 vhf; \SystemRoot\System32\drivers\vhf.sys [X]
S3 ViaC7; \SystemRoot\System32\drivers\viac7.sys [X]
S3 VMBusHID; \SystemRoot\System32\drivers\VMBusHID.sys [X]
S3 vmgid; \SystemRoot\System32\drivers\vmgid.sys [X]
R3 vwifibus; \SystemRoot\System32\drivers\vwifibus.sys [X]
R3 vwifimp; \SystemRoot\System32\drivers\vwifimp.sys [X]
S3 WacomPen; \SystemRoot\System32\drivers\wacompen.sys [X]
R2 wcifs; \SystemRoot\system32\drivers\wcifs.sys [X]
S3 wcnfs; \SystemRoot\system32\drivers\wcnfs.sys [X]
S3 wdm_usb; \SystemRoot\system32\DRIVERS\usb2ser.sys [X]
S3 WINUSB; \SystemRoot\System32\drivers\WinUSB.SYS [X]
S3 WmiAcpi; \SystemRoot\System32\drivers\wmiacpi.sys [X]
S4 ws2ifsl; \SystemRoot\system32\drivers\ws2ifsl.sys [X]
S3 WUDFWpdFs; \SystemRoot\system32\DRIVERS\WUDFRd.sys [X]
S3 WUDFWpdMtp; \SystemRoot\system32\DRIVERS\WUDFRd.sys [X]
S3 xboxgip; \SystemRoot\System32\drivers\xboxgip.sys [X]
S3 xinputhid; \SystemRoot\System32\drivers\xinputhid.sys [X]
S3 xusb22; \SystemRoot\System32\drivers\xusb22.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-05 21:11 - 2019-10-05 21:12 - 000029801 _____ C:\Users\Jana\Downloads\FRST.txt
2019-10-05 21:10 - 2019-10-05 21:10 - 000063448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sduaento.sys
2019-10-05 21:09 - 2019-10-05 21:11 - 000000000 ____D C:\FRST
2019-10-05 21:08 - 2019-10-05 21:08 - 001451008 _____ (Farbar) C:\Users\Jana\Downloads\FRST.exe
2019-10-05 20:04 - 2019-10-05 20:04 - 001615360 _____ (Farbar) C:\Users\Jana\Downloads\FRST64.exe
2019-10-05 16:57 - 2019-10-05 17:00 - 000000000 ____D C:\AdwCleaner
2019-10-05 16:55 - 2019-10-05 16:55 - 007636680 _____ (Malwarebytes) C:\Users\Jana\Downloads\adwcleaner_7.4.1 (1).exe
2019-10-05 16:54 - 2019-10-05 16:54 - 007636680 _____ (Malwarebytes) C:\Users\Jana\Downloads\adwcleaner_7.4.1.exe
2019-10-05 11:52 - 2019-10-05 20:11 - 000000000 ____D C:\Program Files\trend micro
2019-10-05 11:52 - 2019-10-05 11:53 - 000000000 ____D C:\rsit
2019-10-05 11:52 - 2019-10-05 11:52 - 001107968 _____ C:\Users\Jana\Downloads\RSIT.exe
2019-09-20 23:51 - 2019-09-20 23:52 - 182353119 _____ C:\Users\Jana\Downloads\Terraria.v1.3.5.3 (1).rar
2019-09-20 23:47 - 2019-09-20 23:48 - 182353119 _____ C:\Users\Jana\Downloads\Terraria.v1.3.5.3.rar
2019-09-20 23:37 - 2019-09-20 23:38 - 016538804 _____ C:\Users\Jana\Downloads\Speedrun.Squad.rar
2019-09-20 21:59 - 2019-09-20 22:00 - 043671552 _____ C:\Users\Jana\Downloads\EpicInstaller-10.5.4-fortnite.msi
2019-09-20 21:59 - 2019-09-20 21:59 - 000003536 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2019-09-20 21:59 - 2019-09-20 21:59 - 000003412 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2019-09-20 21:58 - 2019-09-20 21:58 - 000004015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2019-09-20 21:58 - 2019-09-20 21:58 - 000004003 _____ C:\Users\Public\Desktop\Booking.lnk
2019-09-20 21:58 - 2019-09-20 21:58 - 000000000 ____D C:\Program Files\bookingDesktopApp
2019-09-20 21:58 - 2019-09-20 21:58 - 000000000 ____D C:\Program Files\Booking
2019-09-20 21:56 - 2019-09-20 21:56 - 000000000 ____D C:\ProgramData\McAfee
2019-09-20 21:56 - 2019-09-20 21:56 - 000000000 ____D C:\Program Files\McAfee
2019-09-19 22:50 - 2019-09-19 22:50 - 000000300 _____ C:\Users\Jana\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2019-09-19 22:46 - 2019-09-19 22:46 - 000000000 ____D C:\Users\Jana\.android
2019-09-19 22:44 - 2019-09-19 22:44 - 000000066 _____ C:\Users\Jana\inittk.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000053 _____ C:\Users\Jana\useruid.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000045 _____ C:\Users\Jana\nuuid.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000041 _____ C:\Users\Jana\inst.ini
2019-09-19 22:44 - 2019-09-19 22:44 - 000000000 ___DC C:\Users\Jana\AppData\Local\NoxSrv
2019-09-19 22:44 - 2019-09-19 22:44 - 000000000 ____D C:\Users\Jana\Nox_share
2019-09-19 22:42 - 2019-09-19 22:43 - 000000000 ____D C:\Users\Jana\vmlogs
2019-09-19 22:39 - 2019-09-20 21:56 - 000000000 ___DC C:\Users\Jana\AppData\Local\Nox
2019-09-19 22:39 - 2019-09-20 21:56 - 000000000 ____D C:\Program Files\Nox
2019-09-19 22:14 - 2019-09-19 22:14 - 000911592 _____ (BlueStack Systems Inc.) C:\Users\Jana\Downloads\BlueStacksInstaller_4.130.1.1002_native_88e9374d75965ad8e74a10f70e145ea1 (1).exe
2019-09-19 22:13 - 2019-09-19 22:13 - 000911592 _____ (BlueStack Systems Inc.) C:\Users\Jana\Downloads\BlueStacksInstaller_4.130.1.1002_native_88e9374d75965ad8e74a10f70e145ea1.exe
2019-09-11 14:24 - 2019-09-20 23:53 - 000000000 ___DC C:\Users\Jana\Desktop\zabiják888
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-05 21:10 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-05 21:01 - 2018-05-22 21:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-05 17:05 - 2018-05-22 21:46 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-05 17:05 - 2018-04-12 06:53 - 000717824 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-05 17:05 - 2018-04-12 06:53 - 000145384 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-05 17:05 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-05 17:01 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-05 17:01 - 2016-10-18 11:41 - 000000000 __SHD C:\Users\Jana\IntelGraphicsProfiles
2019-10-05 17:00 - 2018-05-22 21:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-05 17:00 - 2018-04-11 14:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-10-05 17:00 - 2016-03-01 21:15 - 000000000 ____D C:\Program Files\Lenovo
2019-10-05 11:53 - 2018-05-22 21:52 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1188802740-2568223325-2750341654-1001
2019-10-05 11:53 - 2018-05-22 21:35 - 000002369 ____C C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-05 11:53 - 2016-10-18 11:44 - 000000000 ___RD C:\Users\Jana\OneDrive
2019-10-05 10:46 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-05 08:10 - 2018-03-01 10:31 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-10-04 11:28 - 2018-05-22 21:35 - 000000000 ____D C:\Users\Jana
2019-09-30 18:28 - 2018-06-12 11:36 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-30 18:28 - 2018-06-12 11:36 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-09-30 13:34 - 2018-05-24 07:27 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-30 13:34 - 2018-02-01 17:24 - 000000000 ___DC C:\Users\Jana\AppData\Local\Packages
2019-09-21 12:58 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-20 21:56 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-19 22:42 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Registration
2019-09-19 22:42 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-09-19 22:20 - 2019-08-28 22:32 - 000000000 ___DC C:\Users\Jana\AppData\Local\BlueStacks
2019-09-19 22:20 - 2019-08-28 22:32 - 000000000 ____D C:\Users\Public\BlueStacks
2019-09-17 19:38 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
OK. Open Notepad and copy the following into it:
Start
CloseProcesses:
Task: {6BD126E5-7263-4524-9926-2A0148014169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
Task: {7E3E0647-B8E1-41A2-9313-45EB4C708E50} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CC06CF09-C89F-4459-9AE8-24F71558382E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> DefaultScope {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sduaento.sys:changelist [282]
FirewallRules: [{D20543C9-3968-4A29-8C69-DAEA016284C3}] => (Allow) C:\Program Files\Nox\bin\Nox.exe No File
FirewallRules: [{061199D6-0ED3-4CFF-9C8F-F87494C5B35B}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
EmptaTamp:
End
Save it to C:\Users\Jana\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Cluttered laptop
The log did not appear, but this is probably it.
Fix result of Farbar Recovery Scan Tool (x86) Version: 06-10-2019
Ran by Jana (06-10-2019 16:27:29) Run:1
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana (Available Profiles: Jana)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
Task: {6BD126E5-7263-4524-9926-2A0148014169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
Task: {7E3E0647-B8E1-41A2-9313-45EB4C708E50} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CC06CF09-C89F-4459-9AE8-24F71558382E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2018-06-12] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> DefaultScope {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
SearchScopes: HKU\S-1-5-21-1188802740-2568223325-2750341654-1001 -> {BA835E26-41F4-4F29-9B49-E852DF8077A1} URL =
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
AlternateDataStreams: C:\WINDOWS\system32\Drivers\sduaento.sys:changelist [282]
FirewallRules: [{D20543C9-3968-4A29-8C69-DAEA016284C3}] => (Allow) C:\Program Files\Nox\bin\Nox.exe No File
FirewallRules: [{061199D6-0ED3-4CFF-9C8F-F87494C5B35B}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe No File
EmptaTamp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6BD126E5-7263-4524-9926-2A0148014169}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6BD126E5-7263-4524-9926-2A0148014169}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7E3E0647-B8E1-41A2-9313-45EB4C708E50}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7E3E0647-B8E1-41A2-9313-45EB4C708E50}" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC06CF09-C89F-4459-9AE8-24F71558382E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC06CF09-C89F-4459-9AE8-24F71558382E}" => removed successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully.
"HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-1188802740-2568223325-2750341654-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA835E26-41F4-4F29-9B49-E852DF8077A1} => removed successfully.
HKLM\Software\Classes\CLSID\{BA835E26-41F4-4F29-9B49-E852DF8077A1} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\WINDOWS\system32\Drivers\sduaento.sys => ":changelist" ADS removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D20543C9-3968-4A29-8C69-DAEA016284C3}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{061199D6-0ED3-4CFF-9C8F-F87494C5B35B}" => removed successfully.
EmptaTamp: => Error: No automatic fix found for this entry.
The system needed a reboot.
==== End of Fixlog 16:27:58 ====
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
Yes, it is. Has anything changed?
Re: Cluttered laptop
I'll be away for a few days now. I'll see what my wife tells me afterwards. Thanks for the effort and help so far.
- Rudy
- Site Admin
- Posts: 119390
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Cluttered laptop
You're welcome, for now!