Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomalý ntb

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Pomalý ntb

#1 Příspěvek od Šmíďák »

Ahoj,

mám podezření, že se mi velmi zpomalil ntb, obzvláště co se týče graficky náročnějších aplikací

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jindřich at 2020-03-17 20:15:26
Microsoft Windows 8.1
System drive C: has 86 GB (42%) free of 203 GB
Total RAM: 8113 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:15:28, on 17. 3. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Program Files\trend micro\Jindřich.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/yhs/web?hspart ... 0523__yaie
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
O4 - HKCU\..\Run: [Pokki] C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Users\JINDIC~1\Programy\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\Users\JINDIC~1\Programy\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: Hotspot Shield Service 9.6.3 (hshld_9.6.3) - Pango Inc. - C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: LsvUIService - Lenovo - C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\windows\system32\PnkBstrB.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TunngleService - Tunngle.net GmbH - C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update service - Popcorn Time - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ymc - Lenovo - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
O23 - Service: YogaPicks.AppService - Unknown owner - C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13646 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\igfxCUIService.exe
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 946263751808
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\windows\system32\conhost.exe 0x4
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
"C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe"
dashost.exe {ff9f762c-00ba-47b3-bb97f7556093f35d}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe"
"C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe"
"C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe"
"C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe"
C:\windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe" -Embedding
C:\windows\SysWOW64\PnkBstrA.exe
C:\windows\SysWOW64\PnkBstrB.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
"C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe"
"C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
taskhostex.exe
C:\windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-94832149-aac9-42a2-88d2-ca04240a31eb -SystemEventPortName:HostProcess-33ffec14-56d8-4d80-9353-b6945cf5c95d -IoCancelEventPortName:HostProcess-b06e2bae-86bf-44e3-a614-145642eee905 -NonStateChangingEventPortName:HostProcess-c0c7bc77-21d2-48af-bcc0-dda9270b4dc1 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d7638651-986f-4bc3-a4ef-840669d0d526 -DeviceGroupId:WudfDefaultDevicePool
C:\Windows\System32\skydrive.exe -Embedding
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="70CBB0E0-EFB1-3928-D0A0-44D86A44E7CC" /binpath="C:\Program Files\AVAST Software\Avast"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe"
"C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\hsscp.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
"C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
adb fork-server server
AvastUI.exe /nogui
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe" 1 1 1 1
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=8092,14384818634532365724,11058264155790830777,131072 --no-sandbox --log-file="C:\Users\Jindřich\AppData\Roaming\AVAST Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.1.2397)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --force-device-scale-factor=1.25 --pack_loading_disabled=1 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAMAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --service-request-channel-token=30336192828411177 --mojo-platform-channel-handle=8672 /prefetch:2
"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /vu "C:\Users\Jindřich\AppData\Local\Microsoft\Windows\INetCache\Content.Outlook\UZH1RGOL\Test znalostí OpenLIMS pro nové konzultanty 2020_r1.doc
C:\Users\Jindřich\Programy\Firefox\firefox.exe
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.0.1276506933\892622632" -parentBuildID 20200309095159 -prefsHandle 1480 -prefMapHandle 1472 -prefsLen 1 -prefMapSize 241841 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 1552 gpu
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.3.1761577393\1126867679" -childID 1 -isForBrowser -prefsHandle 2012 -prefMapHandle 2008 -prefsLen 187 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 2020 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.13.1549928487\1833010491" -childID 2 -isForBrowser -prefsHandle 3400 -prefMapHandle 3396 -prefsLen 387 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 3412 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.20.644413239\935180261" -childID 3 -isForBrowser -prefsHandle 3876 -prefMapHandle 3884 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 4028 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.27.1264581660\1039941655" -childID 4 -isForBrowser -prefsHandle 3668 -prefMapHandle 3796 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 2316 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.34.27711101\1159492987" -childID 5 -isForBrowser -prefsHandle 4416 -prefMapHandle 3668 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 4408 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.41.1369179804\1433035903" -childID 6 -isForBrowser -prefsHandle 4628 -prefMapHandle 4624 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 4636 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.48.597952370\2070168942" -childID 7 -isForBrowser -prefsHandle 4800 -prefMapHandle 4796 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 4768 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.55.274971173\1460617852" -childID 8 -isForBrowser -prefsHandle 4796 -prefMapHandle 4636 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 4912 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.62.12063383\66922995" -childID 9 -isForBrowser -prefsHandle 5092 -prefMapHandle 5096 -prefsLen 6457 -prefMapSize 241841 -parentBuildID 20200309095159 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 4796 tab
"C:\Users\Jindřich\Programy\Firefox\firefox.exe" -contentproc --channel="10012.69.107390193\374392521" -parentBuildID 20200309095159 -prefsHandle 7064 -prefMapHandle 3388 -prefsLen 8149 -prefMapSize 241841 -greomni "C:\Users\Jindřich\Programy\Firefox\omni.ja" -appomni "C:\Users\Jindřich\Programy\Firefox\browser\omni.ja" -appdir "C:\Users\Jindřich\Programy\Firefox\browser" - 10012 "\\.\pipe\gecko-crash-server-pipe.10012" 9568 rdd
"C:\Users\Jindřich\Programy\Totalcmd\TOTALCMD64.EXE"

"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe77_ Global\UsGthrCtrlFltPipeMssGthrPipe77 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 384 560 572 65536 568
"C:\Users\Jindřich\Downloads\RSITx64.exe"
C:\windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default

prefs.js - "browser.startup.homepage" - "https://www.centrum.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.344 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Users\Jindřich\Programy\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.344 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL


C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\extensions\
staged

C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\searchplugins\
yahoo-lavasoft-ff59.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-21 221664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-21 166360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-03-26 36352]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-01-22 13667032]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-13 1374936]
"RtHDVBg_LENOVO_DOLBYDRAGON"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-13 1374936]
"RtHDVBg_LENOVO_MICPKEY"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-01-13 1374936]
"RtsFT"=C:\windows\RTFTrack.exe [2013-10-17 6340312]
"Yoga PhoneCompanion"=C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [2015-02-09 844304]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2015-02-09 15813616]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2015-02-09 80880]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2020-03-06 277664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=C:\Users\Jindřich\AppData\Local\Pokki\Engine\Launcher.dll [2014-04-29 1893144]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-02-28 22256824]
"DAEMON Tools Lite Automount"=C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe [2019-03-04 735336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"=C:\windows\system32\cmd.exe [2014-10-29 357376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StatusAlerts"=C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [2014-02-12 330040]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McNaiAnn]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-03-17 20:15:26 ----D---- C:\rsit
2020-03-11 08:13:56 ----A---- C:\windows\system32\mshtml.dll
2020-03-11 08:13:55 ----A---- C:\windows\SYSWOW64\mshtml.dll
2020-03-11 08:13:54 ----A---- C:\windows\system32\ieframe.dll
2020-03-11 08:13:53 ----A---- C:\windows\SYSWOW64\jscript9.dll
2020-03-11 08:13:53 ----A---- C:\windows\SYSWOW64\ieframe.dll
2020-03-11 08:13:53 ----A---- C:\windows\system32\jscript9.dll
2020-03-11 08:13:52 ----A---- C:\windows\SYSWOW64\mssrch.dll
2020-03-11 08:13:52 ----A---- C:\windows\system32\win32k.sys
2020-03-11 08:13:52 ----A---- C:\windows\system32\tquery.dll
2020-03-11 08:13:52 ----A---- C:\windows\system32\mssrch.dll
2020-03-11 08:13:52 ----A---- C:\windows\system32\diagtrack.dll
2020-03-11 08:13:51 ----A---- C:\windows\SYSWOW64\msi.dll
2020-03-11 08:13:51 ----A---- C:\windows\system32\WindowsCodecs.dll
2020-03-11 08:13:51 ----A---- C:\windows\system32\ntoskrnl.exe
2020-03-11 08:13:51 ----A---- C:\windows\system32\msi.dll
2020-03-11 08:13:50 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2020-03-11 08:13:50 ----A---- C:\windows\SYSWOW64\Windows.UI.Immersive.dll
2020-03-11 08:13:50 ----A---- C:\windows\SYSWOW64\tquery.dll
2020-03-11 08:13:50 ----A---- C:\windows\system32\Windows.UI.Immersive.dll
2020-03-11 08:13:50 ----A---- C:\windows\system32\drivers\ntfs.sys
2020-03-11 08:13:50 ----A---- C:\windows\system32\authui.dll
2020-03-11 08:13:50 ----A---- C:\windows\system32\AppXDeploymentServer.dll
2020-03-11 08:13:49 ----A---- C:\windows\SYSWOW64\iertutil.dll
2020-03-11 08:13:49 ----A---- C:\windows\SYSWOW64\authui.dll
2020-03-11 08:13:49 ----A---- C:\windows\system32\workfolderssvc.dll
2020-03-11 08:13:49 ----A---- C:\windows\system32\user32.dll
2020-03-11 08:13:49 ----A---- C:\windows\system32\SearchIndexer.exe
2020-03-11 08:13:49 ----A---- C:\windows\system32\iertutil.dll
2020-03-11 08:13:49 ----A---- C:\windows\system32\GdiPlus.dll
2020-03-11 08:13:49 ----A---- C:\windows\system32\gdi32.dll
2020-03-11 08:13:48 ----A---- C:\windows\SYSWOW64\wer.dll
2020-03-11 08:13:48 ----A---- C:\windows\SYSWOW64\upnphost.dll
2020-03-11 08:13:48 ----A---- C:\windows\SYSWOW64\SearchIndexer.exe
2020-03-11 08:13:48 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2020-03-11 08:13:48 ----A---- C:\windows\SYSWOW64\gdi32.dll
2020-03-11 08:13:48 ----A---- C:\windows\system32\wininet.dll
2020-03-11 08:13:48 ----A---- C:\windows\system32\wer.dll
2020-03-11 08:13:48 ----A---- C:\windows\system32\urlmon.dll
2020-03-11 08:13:48 ----A---- C:\windows\system32\upnphost.dll
2020-03-11 08:13:48 ----A---- C:\windows\system32\qmgr.dll
2020-03-11 08:13:47 ----A---- C:\windows\SYSWOW64\user32.dll
2020-03-11 08:13:47 ----A---- C:\windows\SYSWOW64\nshwfp.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\wsecedit.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\wercplsupport.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\werconcpl.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\SearchProtocolHost.exe
2020-03-11 08:13:47 ----A---- C:\windows\system32\profsvc.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\nshwfp.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\netprofmsvc.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\mssph.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\msfeeds.dll
2020-03-11 08:13:47 ----A---- C:\windows\system32\lpksetup.exe
2020-03-11 08:13:47 ----A---- C:\windows\system32\IKEEXT.DLL
2020-03-11 08:13:47 ----A---- C:\windows\system32\drivers\ndiswan.sys
2020-03-11 08:13:47 ----A---- C:\windows\system32\drivers\mountmgr.sys
2020-03-11 08:13:47 ----A---- C:\windows\system32\AxInstSv.dll
2020-03-11 08:13:46 ----A---- C:\windows\SYSWOW64\wsecedit.dll
2020-03-11 08:13:46 ----A---- C:\windows\SYSWOW64\wermgr.exe
2020-03-11 08:13:46 ----A---- C:\windows\SYSWOW64\SearchProtocolHost.exe
2020-03-11 08:13:46 ----A---- C:\windows\SYSWOW64\scecli.dll
2020-03-11 08:13:46 ----A---- C:\windows\SYSWOW64\mssph.dll
2020-03-11 08:13:46 ----A---- C:\windows\SYSWOW64\KernelBase.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\WorkfoldersControl.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\wermgr.exe
2020-03-11 08:13:46 ----A---- C:\windows\system32\scecli.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\rasmans.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\profext.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\netprofm.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\netman.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\jscript.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\drivers\agilevpn.sys
2020-03-11 08:13:46 ----A---- C:\windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 08:13:46 ----A---- C:\windows\system32\AppXDeploymentExtensions.dll
2020-03-11 08:13:45 ----A---- C:\windows\SYSWOW64\profext.dll
2020-03-11 08:13:45 ----A---- C:\windows\SYSWOW64\mf3216.dll
2020-03-11 08:13:45 ----A---- C:\windows\system32\vpnike.dll
2020-03-11 08:13:45 ----A---- C:\windows\system32\mssprxy.dll
2020-03-11 08:13:45 ----A---- C:\windows\system32\mf3216.dll
2020-03-11 08:13:44 ----A---- C:\windows\SYSWOW64\wininet.dll
2020-03-11 08:13:44 ----A---- C:\windows\SYSWOW64\urlmon.dll
2020-03-11 08:13:44 ----A---- C:\windows\SYSWOW64\netprofm.dll
2020-03-11 08:13:44 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2020-03-11 08:13:44 ----A---- C:\windows\SYSWOW64\mprddm.dll
2020-03-11 08:13:44 ----A---- C:\windows\SYSWOW64\FWPUCLNT.DLL
2020-03-11 08:13:44 ----A---- C:\windows\system32\webcheck.dll
2020-03-11 08:13:44 ----A---- C:\windows\system32\mprddm.dll
2020-03-11 08:13:44 ----A---- C:\windows\system32\FWPUCLNT.DLL
2020-03-11 08:13:44 ----A---- C:\windows\system32\BFE.DLL
2020-03-11 08:13:43 ----A---- C:\windows\SYSWOW64\vbscript.dll
2020-03-11 08:13:43 ----A---- C:\windows\SYSWOW64\jscript.dll
2020-03-11 08:13:43 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2020-03-11 08:13:43 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2020-03-11 08:13:43 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\vbscript.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\npmproxy.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\nlmproxy.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\mshtmled.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\inetcomm.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\ieui.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\ieapfltr.dll
2020-03-11 08:13:43 ----A---- C:\windows\system32\ie4uinit.exe
2020-03-11 08:13:42 ----A---- C:\windows\SYSWOW64\webcheck.dll
2020-03-11 08:13:42 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2020-03-11 08:13:42 ----A---- C:\windows\SYSWOW64\msfeedsbs.dll
2020-03-11 08:13:42 ----A---- C:\windows\SYSWOW64\iepeers.dll
2020-03-11 08:13:42 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2020-03-11 08:13:42 ----A---- C:\windows\system32\MshtmlDac.dll
2020-03-11 08:13:42 ----A---- C:\windows\system32\msfeedsbs.dll
2020-03-11 08:13:42 ----A---- C:\windows\system32\iepeers.dll
2020-03-11 08:13:42 ----A---- C:\windows\system32\dxtrans.dll
2020-03-11 08:08:08 ----A---- C:\windows\SYSWOW64\poqexec.exe
2020-03-11 08:08:08 ----A---- C:\windows\system32\poqexec.exe
2020-03-07 19:08:55 ----A---- C:\windows\system32\aswBoot.exe
2020-03-06 16:38:26 ----A---- C:\windows\system32\drivers\aswStm.sys
2020-03-06 16:38:26 ----A---- C:\windows\system32\drivers\aswMonFlt.sys

======List of files/folders modified in the last 1 month======

2020-03-17 20:15:28 ----D---- C:\windows\system32\drivers\etc
2020-03-17 20:15:28 ----D---- C:\Program Files\trend micro
2020-03-17 20:11:12 ----D---- C:\windows\Temp
2020-03-17 20:02:00 ----D---- C:\windows\system32\sru
2020-03-17 17:22:16 ----AD---- C:\Windows
2020-03-17 16:54:04 ----D---- C:\windows\Microsoft.NET
2020-03-17 16:35:32 ----D---- C:\windows\system32\config
2020-03-17 14:50:07 ----D---- C:\windows\Prefetch
2020-03-17 08:28:25 ----D---- C:\Users\Jindřich\AppData\Roaming\uTorrent
2020-03-17 08:28:19 ----D---- C:\windows\Inf
2020-03-17 08:27:46 ----D---- C:\windows\system32\Macromed
2020-03-17 08:27:44 ----D---- C:\windows\SYSWOW64\Macromed
2020-03-17 08:27:40 ----D---- C:\windows\system32\Tasks
2020-03-17 08:27:21 ----AD---- C:\windows\System32
2020-03-17 08:27:21 ----A---- C:\windows\system32\PerfStringBackup.INI
2020-03-16 06:25:06 ----SHD---- C:\windows\Installer
2020-03-16 06:25:06 ----SHD---- C:\Config.Msi
2020-03-13 14:02:23 ----SHD---- C:\System Volume Information
2020-03-13 08:32:38 ----D---- C:\windows\rescache
2020-03-12 19:59:50 ----D---- C:\windows\SysWOW64
2020-03-12 19:59:47 ----D---- C:\windows\WinSxS
2020-03-12 19:59:33 ----D---- C:\windows\system32\DriverStore
2020-03-12 19:57:34 ----D---- C:\windows\SYSWOW64\en-US
2020-03-12 19:57:34 ----D---- C:\windows\SYSWOW64\cs-CZ
2020-03-12 19:57:34 ----D---- C:\windows\system32\setup
2020-03-12 19:57:34 ----D---- C:\windows\system32\en-US
2020-03-12 19:57:34 ----D---- C:\windows\system32\drivers
2020-03-12 19:57:34 ----D---- C:\windows\system32\cs-CZ
2020-03-12 19:57:34 ----D---- C:\Program Files\Internet Explorer
2020-03-12 19:57:34 ----D---- C:\Program Files (x86)\Internet Explorer
2020-03-12 19:57:30 ----D---- C:\windows\CbsTemp
2020-03-12 19:57:06 ----D---- C:\windows\SoftwareDistribution
2020-03-12 13:21:51 ----D---- C:\windows\debug
2020-03-12 06:59:11 ----SD---- C:\Users\Jindřich\AppData\Roaming\Microsoft
2020-03-11 16:37:41 ----D---- C:\windows\system32\MRT
2020-03-11 16:34:30 ----AC---- C:\windows\system32\MRT.exe
2020-03-11 12:37:04 ----D---- C:\windows\system32\NDF
2020-03-11 08:07:39 ----D---- C:\windows\system32\catroot2
2020-03-11 08:07:17 ----A---- C:\windows\SYSWOW64\mssvp.dll
2020-03-11 08:07:16 ----A---- C:\windows\system32\mssvp.dll
2020-03-11 08:07:16 ----A---- C:\windows\system32\mssphtb.dll
2020-03-09 17:15:58 ----D---- C:\ProgramData\Package Cache
2020-03-09 17:15:58 ----D---- C:\ProgramData\Hotspot Shield
2020-03-09 17:15:40 ----D---- C:\Program Files (x86)\Hotspot Shield
2020-02-18 18:24:59 ----D---- C:\windows\system32\SecureBootUpdates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\windows\system32\drivers\aswArDisk.sys [2020-03-06 37864]
R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsh.sys [2020-03-06 206608]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniv.sys [2020-03-06 64272]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2020-03-06 84056]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2020-03-06 316256]
R0 iaStorA;iaStorA; C:\windows\System32\drivers\iaStorA.sys [2014-03-26 645992]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2020-03-06 205576]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdriver.sys [2020-03-06 271120]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2020-03-06 279360]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2020-03-06 42976]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2020-03-06 110560]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2020-03-06 848672]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2020-03-11 458584]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2020-03-06 175400]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2020-03-06 235184]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 ACPIVPC;@oem65.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2015-02-09 35600]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2019-05-03 81920]
R3 dtlitescsibus;@oem93.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\windows\System32\drivers\dtlitescsibus.sys [2019-03-04 42256]
R3 dtliteusbbus;@oem99.inf,%DisplayName%;DAEMON Tools Lite Virtual USB Bus; C:\windows\System32\drivers\dtliteusbbus.sys [2019-03-04 59360]
R3 ibtusb;@oem60.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R) 4.0; C:\windows\system32\DRIVERS\ibtusb.sys [2013-10-18 142280]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2014-03-10 3729920]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2014-01-21 3849304]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2014-03-07 450520]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\windows\System32\drivers\iwdbus.sys [2014-03-01 27032]
R3 MEIx64;@oem4.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\windows\system32\DRIVERS\TeeDriverx64.sys [2013-09-16 99288]
R3 NETwNb64;@oem12.inf,___ %NIC_Service_DispName_WINB_64%;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit; C:\windows\system32\DRIVERS\Netwbw02.sys [2014-02-18 3433952]
R3 rtsuvc;@oem25.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2013-10-17 8876248]
R3 SensorsHIDClassDriver;@sensorshidclassdriver.inf,%WudfSensorsHIDClassDriverDisplayName%;UMDF Reflector service for SensorsHIDClassDriver; C:\windows\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SensorsServiceDriver;@sensorsservicedriver.inf,%WudfSensorsServiceDriverDisplayName%;UMDF Reflector service for SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [2014-10-29 226304]
R3 SmbDrvI;SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-12-19 34544]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Ovladač digitálního fotoaparátu pro sériový port; C:\windows\system32\DRIVERS\serscan.sys [2014-10-29 11776]
R3 SynTP;@oem62.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2013-12-19 532720]
R3 tap0901;@oem76.inf,%DeviceDescription%;TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\tap0901.sys [2016-04-21 27136]
R3 tap0901t;@oem67.inf,%DeviceDescription%;TAP-Win32 Adapter V9 (Tunngle); C:\windows\system32\DRIVERS\tap0901t.sys [2016-04-26 39464]
R3 taphss6;@oem94.inf,%DeviceDescription%;Anchorfree HSS VPN Adapter; C:\windows\system32\DRIVERS\taphss6.sys [2017-06-15 42064]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\windows\system32\drivers\mfeelamk.sys [2015-07-02 80920]
S3 AFTrafMgr1.4;AFTrafMgr1.4; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys []
S3 AX88772;@netax88772.inf,%AX88772.DeviceDesc%;ASIX AX88772 USB2.0 to Fast Ethernet Adapter; C:\windows\system32\DRIVERS\ax88772.sys [2013-07-18 113864]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\windows\system32\drivers\BthA2DP.sys [2015-01-30 132608]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2019-08-04 53248]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\windows\system32\DRIVERS\BthHfAud.sys [2014-10-08 32768]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Zařízení Bluetooth (síť PAN); C:\windows\System32\drivers\bthpan.sys [2017-07-06 119296]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2019-10-25 1208320]
S3 dg_ssudbus;@oem101.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2019-07-09 135520]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys [2014-03-01 38296]
S3 KMWDFILTER;HIDServiceDesc; C:\windows\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBVSTOR;@oem11.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2013-09-24 329944]
S3 ssudmdm;@oem100.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2019-07-09 166752]
S3 usb_rndisx;@netrndis.inf,%usb_rndis.Service.DispName%;Adaptér USB RNDIS; C:\windows\system32\DRIVERS\usb8023x.sys [2015-04-25 20992]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2020-03-06 413472]
R2 CCSDK;CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [2014-07-10 592880]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-02-05 11597176]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2014-01-18 632048]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2015-09-02 8704]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2014-06-24 176128]
R2 hshld_9.6.3;Hotspot Shield Service 9.6.3; C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe [2020-02-28 207744]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-03-26 16232]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\windows\system32\igfxCUIService.exe [2014-03-10 282072]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-09-16 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2015-12-14 584664]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2015-02-09 198192]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 LsvUIService;LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [2015-02-09 70416]
R2 MaxthonUpdateSvc;Maxthon Core Update Service; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [2018-02-10 1880864]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 PG_Service_Launcher;PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [2014-02-25 512776]
R2 PGService;PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [2014-02-25 167176]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [2015-02-09 285712]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 PnkBstrA;PnkBstrA; C:\windows\syswow64\PnkBstrA.exe [2015-10-17 66872]
R2 PnkBstrB;PnkBstrB; C:\windows\syswow64\PnkBstrB.exe [2015-10-17 107832]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2014-01-18 154864]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-24 390632]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2016-08-26 339968]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2020-03-06 6046624]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2019-03-04 4132456]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-03-17 335416]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\system32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\windows\SysWow64\IntelCpHeciSvc.exe [2014-03-10 279000]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\elevation_service.exe [2020-02-29 1113072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11 144200]
S3 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-09-23 561408]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-01-18 284912]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 264496]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [2015-02-09 304144]
S3 TunngleService;TunngleService; C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe [2016-12-15 838128]
S4 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2015-02-09 67856]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Pomalý ntb

#2 Příspěvek od Diallix »

Dobry den.

:arrow: Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#3 Příspěvek od Šmíďák »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-17-2020
# Duration: 00:00:23
# OS: Windows 8.1
# Cleaned: 89
# Failed: 0


***** [ Services ] *****

Deleted Update service

***** [ Folders ] *****

Deleted C:\Program Files (x86)\ContentPush
Deleted C:\Program Files (x86)\Microleaves
Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Program Files (x86)\UCBrowser
Deleted C:\Program Files\SaFiPlayer
Deleted C:\ProgramData\CloudPrinter
Deleted C:\ProgramData\Hotfresh
Deleted C:\ProgramData\Hotfreshs
Deleted C:\ProgramData\Logic Handler
Deleted C:\ProgramData\Microleaves
Deleted C:\ProgramData\Pokki
Deleted C:\Users\Jindřich\AppData\Local\Pokki
Deleted C:\Users\Jindřich\AppData\Local\UCBrowser
Deleted C:\Users\Jindřich\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
Deleted C:\Users\Jindřich\AppData\Roaming\Kuaizip
Deleted C:\Users\Jindřich\AppData\Roaming\Microleaves
Deleted C:\Users\Jindřich\AppData\Roaming\Seznam.cz
Deleted C:\Users\Jindřich\AppData\Roaming\Softlink

***** [ Files ] *****

Deleted C:\Users\Jindřich\AppData\Roaming\Config.xml
Deleted C:\Users\Jindřich\AppData\Roaming\InstallationConfiguration.xml
Deleted C:\Users\Jindřich\AppData\Roaming\Installer.dat
Deleted C:\Users\Jindřich\AppData\Roaming\Main.dat
Deleted C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\invalidprefs.js
Deleted C:\Users\Jindřich\AppData\Roaming\agent.dat
Deleted C:\Users\Jindřich\AppData\Roaming\md.xml
Deleted C:\Users\Jindřich\AppData\Roaming\noah.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\pokki
Deleted HKCU\Software\Conduit
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Pokki
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Deleted HKCU\Software\Pokki
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{206B99C5-CBDE-4800-A7DB-E73E0CD23EC6}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{51DF7699-740A-4E51-B356-16841C5A7CE4}
Deleted HKLM\Software\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted HKLM\Software\Wow6432Node\\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted Wize Search SafeFinder - feeilhmlfcpfchpbgoknoeefdkbgionj

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1
Deleted Preinstalled.LenovoEnergyManager Folder C:\Program Files (x86)\LENOVO\ENERGY MANAGER
Deleted Preinstalled.LenovoEnergyManager Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\ENERGY MANAGER
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Energy Manager
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Lenovo Utility
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Energy Manager
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Lenovo Utility
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}
Deleted Preinstalled.LenovoEnergyManager Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{AC768037-7079-4658-AC24-2897650E0ABE}
Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Jindřich\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo Dependency Package_is1
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0788641D-D31A-478D-BB34-C41564AE9F93}
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{3117B53D-A409-4D99-A0DE-11A1A40696FA}
Deleted Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Yoga PhoneCompanion
Deleted Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|Yoga PhoneCompanion
Deleted Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Deleted Preinstalled.LenovoPhoneCompanion Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}
Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Folder C:\Users\Jindřich\AppData\Local\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
Deleted Preinstalled.LenovoSmartVoice Folder C:\Program Files (x86)\LENOVO\LENOVO SMART VOICE
Deleted Preinstalled.LenovoSmartVoice Folder C:\ProgramData\LENOVO\LENOVO SMART VOICE
Deleted Preinstalled.LenovoSmartVoice Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\LENOVO SMART VOICE
Deleted Preinstalled.LenovoSmartVoice Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E57B9649-7CA9-4935-86A5-F343FDBF55A6}
Deleted Preinstalled.LenovoSmartVoice Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo Smart Voice
Deleted Preinstalled.LenovoSmartVoice Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Lenovo SmartVoice
Deleted Preinstalled.LenovoSmartVoice Task C:\Windows\System32\Tasks\LENOVO SMART VOICE
Deleted Preinstalled.LenovoYogaPicks Folder C:\Program Files (x86)\LENOVO\YOGA PICKS
Deleted Preinstalled.LenovoYogaPicks Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\YOGA PICKS
Deleted Preinstalled.LenovoYogaPicks Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [10316 octets] - [17/03/2020 20:55:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Pomalý ntb

#4 Příspěvek od Diallix »

Tam toho bolo teda.


Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#5 Příspěvek od Šmíďák »

FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by Jindřich (administrator) on BELZEBUB (LENOVO 20344) (17-03-2020 21:33:05)
Running from C:\Users\Jindřich\Desktop
Loaded Profiles: Jindřich (Available Profiles: Jindřich)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: "C:\Users\Jindřich\Programy\Firefox\firefox.exe" -osint -url "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AnchorFree Inc -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe
(AnchorFree Inc -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\hsscp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Hi-Rez Studios) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-17] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22256824 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe [735336 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\RunOnce: [Uninstall C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {1f44216f-3da3-11e9-83a9-00090ffe0001} - "E:\Autorun.exe"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {2885be57-3f72-11e6-82c5-5cc5d4cb0f51} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {4debe587-589f-11e5-8263-5cc5d4cb0f51} - "I:\Setup.exe"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f1c-5a3e-11e5-8267-5cc5d4cb0f51} - "E:\SETUP.EXE"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f20-5a3e-11e5-8267-5cc5d4cb0f51} - "F:\SETUP.EXE"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f24-5a3e-11e5-8267-5cc5d4cb0f51} - "G:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35B75F2E-8E46-4C7E-95B3-B89B0558DE85} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f19cbf91c392 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {36B923AA-67F8-40B1-99AC-E8ADDB17A173} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {39306C63-B0FF-4DBA-A1EA-AED42CC2E981} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
Task: {39C1B2E3-9E70-4AA3-A36F-2E8E48114841} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-28] (Avast Software s.r.o. -> Avast Software)
Task: {3D5F5F7A-90E4-4547-9953-2DDDCB74C8DF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {4093F9C8-8976-487B-9F9B-BBA655D6764D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {44994F70-81FD-409A-8692-B4A7C5C947DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {486D9419-6FCF-4BD5-9C30-7457C6D39979} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {5D55B622-80BA-4C0D-800C-8BEBF3F84AC3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {646319C7-53CE-4E0F-BD31-7F634E42D29E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A90EA16-9B1B-4E52-BDD8-3719655D27D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {712C6892-1008-4913-8B5E-A6DC20D52B7F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {80AE74C2-2D79-41D8-807F-CFDB9DE835CC} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {815500A7-3D42-4DF9-A93F-DED6BC3BED91} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {85FDCE88-CA30-4C5C-9E8E-4FB81334F4A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {8E1478F0-20D4-44FA-A6F3-C4ACD896F9F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DC8A8DB-23FE-45CE-BB6D-2BF4E46A3B3B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DDE9D3F-DDA7-4A20-8D33-94EA1C9AAC4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {A2312BBC-20BD-4E2B-9B57-D7E37043F8F8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349960 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A88EBCBA-9DC8-4E9B-AD55-F36F620151B9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B1F13B13-35F5-4D44-B223-F75A7918D356} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe
Task: {B6E50834-1667-491D-AC9C-4C4195203380} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {D73E5CE5-24E3-4362-9C23-D3CF85C747B4} - System32\Tasks\Opera scheduled Autoupdate 1551689268 => C:\Users\Jindřich\AppData\Local\Programs\Opera\launcher.exe
Task: {D8B901D4-A9B3-44BF-8CF5-ACC1D1132C77} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-08-19] (LENOVO -> Lenovo)
Task: {DF5D7796-C80F-461C-A9B1-6A81C023F0CE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5873D50-BF29-482E-9DFD-73A0DEAD2839} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5C14D5-D4DC-4E01-B89E-F1553BFEE665} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EFD04359-EABC-4F92-A086-B1FC440A9BD0} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {F4293303-51E1-4476-97EB-973D0E661C1A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA338327-BFB4-42E6-98BD-9F28EF5CE001} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-17] (Adobe Inc. -> Adobe)
Task: {FA7E279B-B2A7-4039-8813-8BCF02E63D12} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {FD5AC75B-1651-4D35-806B-28FB712E143D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-17] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0FAA79A6-06A9-4259-8D04-2F5FCB67F7FD}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{5AE36E25-E411-488C-9D5B-0574FBBF2C12}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{5FC00B4B-2BCC-4E63-A68A-DBD5AA963526}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{D93D251B-3FCC-4952-8826-57D935628C58}: [DhcpNameServer] 169.254.132.69

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180523__yaie
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001 -> DefaultScope {26417749-62E4-4DFD-9ED2-4B0D45671722} URL =
SearchScopes: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180523__yaie&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5kd5qg9f.default
FF ProfilePath: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default [2020-03-17]
FF Homepage: Mozilla\Firefox\Profiles\5kd5qg9f.default -> hxxps://www.centrum.cz/
FF NewTab: Mozilla\Firefox\Profiles\5kd5qg9f.default -> hxxps://search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180523__yaff
FF Session Restore: Mozilla\Firefox\Profiles\5kd5qg9f.default -> is enabled.
FF Extension: (Youtube to audio converter) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\2conv@hotger.com.xpi [2017-11-24]
FF Extension: (Mendeley Importer WebExtension) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\@mendeleyimporter.xpi [2018-07-31] [UpdateUrl:hxxps://static.mendeley.com/bin/extensions/firefox/updates.json]
FF Extension: (Firefox Hotfix) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-06-25] [Legacy]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2019-12-13]
FF Extension: (YouTube Classic) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{6acd0f4d-ab79-4b79-9b28-8bde65ae355c}.xpi [2019-06-11]
FF Extension: (No Name) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF Extension: (Running Foxes by MaDonna) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2020-01-14]
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-17] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-17] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Users\Jindřich\Programy\Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default [2020-03-17]
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-18]
CHR Extension: (Dokumenty) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-18]
CHR Extension: (Disk Google) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-10-24]
CHR Extension: (Wize Search SafeFinder) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj [2017-08-16]
CHR Extension: (Tabulky) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-04]
CHR Extension: (Avast Online Security) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-08-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-24]
CHR Extension: (Gmail) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-24]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11597176 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
R2 hshld_9.6.3; C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe [207744 2020-02-28] (AnchorFree Inc -> Pango Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-10] (Maxthon (Asia) Limited. -> Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] (Intel Corporation-Mobile Wireless Group -> )
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG -> Nero AG)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab Ltd -> PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab Ltd -> PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2015-10-17] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [107832 2015-10-17] (Even Balance, Inc. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S3 TunngleService; C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
S4 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2015-02-09] (Lenovo (Beijing) Limited -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [X]
S2 Lenovo System Agent Service; "C:\Program Files\Lenovo\iMController\SystemAgentService.exe" [X]
S2 LsvUIService; "C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe" [X]
S2 YogaPicks.AppService; "C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37864 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205576 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [206608 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [64272 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [279360 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42976 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175400 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110560 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84056 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848672 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [235184 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316256 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 bcmfn2; C:\windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [42256 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [59360 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 KMWDFILTER; C:\windows\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tap0901t; C:\windows\system32\DRIVERS\tap0901t.sys [39464 2016-04-26] (Tunngle.net GmbH -> Tunngle.net GmbH)
R3 taphss6; C:\windows\system32\DRIVERS\taphss6.sys [42064 2017-06-15] (AnchorFree Inc -> Anchorfree Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S3 AFTrafMgr1.4; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-17 21:33 - 2020-03-17 21:33 - 000037758 _____ C:\Users\Jindřich\Desktop\FRST.txt
2020-03-17 21:32 - 2020-03-17 21:33 - 000000000 ____D C:\FRST
2020-03-17 21:32 - 2020-03-17 21:31 - 002279936 _____ (Farbar) C:\Users\Jindřich\Desktop\FRST64.exe
2020-03-17 21:31 - 2020-03-17 21:31 - 002279936 _____ (Farbar) C:\Users\Jindřich\Downloads\FRST64.exe
2020-03-17 20:54 - 2020-03-17 20:56 - 000000000 ____D C:\AdwCleaner
2020-03-17 20:53 - 2020-03-17 20:53 - 008199856 _____ (Malwarebytes) C:\Users\Jindřich\Desktop\adwcleaner_8.0.3.exe
2020-03-17 20:52 - 2020-03-17 20:53 - 008199856 _____ (Malwarebytes) C:\Users\Jindřich\Downloads\adwcleaner_8.0.3.exe
2020-03-17 20:15 - 2020-03-17 20:15 - 001222144 _____ C:\Users\Jindřich\Downloads\RSITx64.exe
2020-03-17 20:15 - 2020-03-17 20:15 - 000000000 ____D C:\rsit
2020-03-17 08:26 - 2020-03-17 08:27 - 022195736 _____ (Piriform Software Ltd) C:\Users\Jindřich\Downloads\ccsetup564.exe
2020-03-16 15:34 - 2020-03-16 15:34 - 000000000 ____D C:\Users\Jindřich\Downloads\Subs
2020-03-16 09:05 - 2020-03-16 09:05 - 000000267 ____R C:\Users\Jindřich\Downloads\Jojo.Rabbit.2019.1080p.WEBRip.x264.AAC5.1-[YTS.MX].srt
2020-03-13 17:06 - 2020-03-13 17:06 - 000000267 ____R C:\Users\Jindřich\Downloads\Spies.In.Disguise.2019.1080p.BluRay.x264.AAC5.1-[YTS.MX].srt
2020-03-12 21:43 - 2020-03-16 09:29 - 1941913900 ____R C:\Users\Jindřich\Downloads\Spies.In.Disguise.2019.1080p.BluRay.x264.AAC5.1-[YTS.MX].mp4
2020-03-12 21:13 - 2020-03-16 09:08 - 2067499279 ____R C:\Users\Jindřich\Downloads\Jojo.Rabbit.2019.1080p.WEBRip.x264.AAC5.1-[YTS.MX].mp4
2020-03-11 13:41 - 2020-03-11 13:44 - 454183187 _____ C:\Users\Jindřich\Downloads\freevideo.cz-ty-vole-tys-mi-vosukal-nevestu-720p.mp4
2020-03-11 13:41 - 2020-03-11 13:44 - 447793458 _____ C:\Users\Jindřich\Downloads\freevideo.cz-petra-z-rychlych-prachu-zase-prca-za-prachy-720p.mp4
2020-03-11 08:13 - 2020-03-05 03:30 - 001542920 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-03-11 08:13 - 2020-03-05 01:50 - 001479680 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll
2020-03-11 08:13 - 2020-03-05 01:23 - 000274944 _____ (Microsoft Corporation) C:\windows\system32\scecli.dll
2020-03-11 08:13 - 2020-03-04 07:58 - 001335808 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll
2020-03-11 08:13 - 2020-03-04 07:43 - 001377792 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-03-11 08:13 - 2020-03-04 07:40 - 000214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\scecli.dll
2020-03-11 08:13 - 2020-03-04 01:40 - 007362288 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-03-11 08:13 - 2020-03-04 01:39 - 002013936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2020-03-11 08:13 - 2020-02-25 03:25 - 003329536 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-03-11 08:13 - 2020-02-25 03:22 - 003634688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-03-11 08:13 - 2020-02-15 17:45 - 001728000 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2020-03-11 08:13 - 2020-02-15 17:41 - 001546240 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 08:13 - 2020-02-13 19:22 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2020-03-11 08:13 - 2020-02-13 19:20 - 000468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2020-03-11 08:13 - 2020-02-13 19:03 - 003631616 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2020-03-11 08:13 - 2020-02-13 18:42 - 000133120 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2020-03-11 08:13 - 2020-02-13 18:39 - 000905728 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2020-03-11 08:13 - 2020-02-13 18:38 - 002551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2020-03-11 08:13 - 2020-02-13 18:25 - 000391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2020-03-11 08:13 - 2020-02-13 18:25 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2020-03-11 08:13 - 2020-02-13 18:17 - 002750464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2020-03-11 08:13 - 2020-02-13 17:59 - 001920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2020-03-11 08:13 - 2020-02-13 17:58 - 000711168 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2020-03-11 08:13 - 2020-02-13 11:35 - 001765064 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2020-03-11 08:13 - 2020-02-13 07:23 - 001489512 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2020-03-11 08:13 - 2020-02-13 06:26 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 08:13 - 2020-02-13 06:06 - 000861184 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-03-11 08:13 - 2020-02-13 05:42 - 000459264 _____ (Microsoft Corporation) C:\windows\system32\upnphost.dll
2020-03-11 08:13 - 2020-02-13 05:41 - 002780160 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2020-03-11 08:13 - 2020-02-13 05:11 - 000332800 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnphost.dll
2020-03-11 08:13 - 2020-02-13 05:06 - 002464256 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2020-03-11 08:13 - 2020-02-12 00:09 - 001368288 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-03-11 08:13 - 2020-02-11 15:15 - 025753600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-03-11 08:13 - 2020-02-11 15:01 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-03-11 08:13 - 2020-02-11 14:58 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2020-03-11 08:13 - 2020-02-11 14:50 - 002911232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-03-11 08:13 - 2020-02-11 14:48 - 000580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-03-11 08:13 - 2020-02-11 14:48 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2020-03-11 08:13 - 2020-02-11 14:39 - 020290048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-03-11 08:13 - 2020-02-11 14:38 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2020-03-11 08:13 - 2020-02-11 14:37 - 005500416 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-03-11 08:13 - 2020-02-11 14:37 - 000790016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-03-11 08:13 - 2020-02-11 14:30 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2020-03-11 08:13 - 2020-02-11 14:23 - 000496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-03-11 08:13 - 2020-02-11 14:21 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2020-03-11 08:13 - 2020-02-11 14:20 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-03-11 08:13 - 2020-02-11 14:16 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2020-03-11 08:13 - 2020-02-11 14:15 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-03-11 08:13 - 2020-02-11 14:14 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2020-03-11 08:13 - 2020-02-11 14:13 - 000660992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-03-11 08:13 - 2020-02-11 14:13 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-03-11 08:13 - 2020-02-11 14:09 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-03-11 08:13 - 2020-02-11 14:03 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-03-11 08:13 - 2020-02-11 14:02 - 015468544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-03-11 08:13 - 2020-02-11 14:01 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-03-11 08:13 - 2020-02-11 14:01 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2020-03-11 08:13 - 2020-02-11 13:58 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-03-11 08:13 - 2020-02-11 13:57 - 000052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2020-03-11 08:13 - 2020-02-11 13:55 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-03-11 08:13 - 2020-02-11 13:55 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2020-03-11 08:13 - 2020-02-11 13:52 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-03-11 08:13 - 2020-02-11 13:50 - 004112384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-03-11 08:13 - 2020-02-11 13:50 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-03-11 08:13 - 2020-02-11 13:49 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-03-11 08:13 - 2020-02-11 13:48 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2020-03-11 08:13 - 2020-02-11 13:47 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-03-11 08:13 - 2020-02-11 13:47 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-03-11 08:13 - 2020-02-11 13:47 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-03-11 08:13 - 2020-02-11 13:46 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-03-11 08:13 - 2020-02-11 13:44 - 013854208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-03-11 08:13 - 2020-02-11 13:40 - 001493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-03-11 08:13 - 2020-02-11 13:35 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-03-11 08:13 - 2020-02-11 13:29 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-03-11 08:13 - 2020-02-11 13:25 - 001332224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-03-11 08:13 - 2020-02-11 13:24 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-03-11 08:13 - 2020-02-11 13:24 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-03-11 08:13 - 2020-02-08 21:05 - 000537824 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-03-11 08:13 - 2020-02-08 21:04 - 000140128 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2020-03-11 08:13 - 2020-02-08 19:32 - 000450536 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-03-11 08:13 - 2020-02-08 19:32 - 000136744 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2020-03-11 08:13 - 2020-02-08 18:55 - 000037888 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2020-03-11 08:13 - 2020-02-08 18:32 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2020-03-11 08:13 - 2020-02-08 18:10 - 000112128 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
2020-03-11 08:13 - 2020-02-08 18:09 - 000933888 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-03-11 08:13 - 2020-02-08 18:04 - 001254912 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2020-03-11 08:13 - 2020-02-08 17:52 - 000255488 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2020-03-11 08:13 - 2020-02-08 17:52 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\nlmproxy.dll
2020-03-11 08:13 - 2020-02-08 17:50 - 000550912 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2020-03-11 08:13 - 2020-02-08 17:50 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\profext.dll
2020-03-11 08:13 - 2020-02-08 17:35 - 000210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2020-03-11 08:13 - 2020-02-08 17:35 - 000046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\profext.dll
2020-03-11 08:13 - 2020-02-08 17:28 - 000266752 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-03-11 08:13 - 2020-02-07 19:46 - 000784896 _____ (Microsoft Corporation) C:\windows\system32\lpksetup.exe
2020-03-11 08:13 - 2020-02-07 19:15 - 000787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-03-11 08:13 - 2020-02-07 19:02 - 000229888 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2020-03-11 08:13 - 2020-02-07 18:32 - 001680896 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-03-11 08:13 - 2020-02-05 15:38 - 000205824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys
2020-03-11 08:13 - 2020-02-05 15:38 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2020-03-11 08:13 - 2020-02-05 15:20 - 001544888 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2020-03-11 08:13 - 2020-02-01 18:36 - 000377344 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2020-03-11 08:13 - 2020-02-01 18:07 - 000319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2020-03-11 08:13 - 2020-02-01 17:57 - 000845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2020-03-11 08:13 - 2020-02-01 17:56 - 001080320 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2020-03-11 08:13 - 2020-02-01 17:48 - 000422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2020-03-11 08:13 - 2020-02-01 17:44 - 000429568 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2020-03-11 08:13 - 2020-02-01 17:36 - 000542720 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2020-03-11 08:13 - 2020-02-01 17:34 - 000272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2020-03-11 08:13 - 2020-02-01 17:33 - 000713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2020-03-11 08:13 - 2020-02-01 17:24 - 000562176 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2020-03-11 08:13 - 2020-01-28 20:53 - 001349120 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2020-03-11 08:13 - 2020-01-28 20:47 - 000955904 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2020-03-11 08:13 - 2020-01-14 22:05 - 000101832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2020-03-11 08:08 - 2020-02-13 07:03 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-03-11 08:08 - 2020-02-13 06:06 - 000129536 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-03-09 17:15 - 2020-03-09 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2020-03-07 19:08 - 2020-03-06 16:38 - 000368056 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-03-06 16:49 - 2020-03-06 16:49 - 000001208 _____ C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-03-06 16:38 - 2020-03-06 16:38 - 000235184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-03-06 16:38 - 2020-03-06 16:38 - 000175400 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-17 21:32 - 2016-11-21 16:41 - 000000000 ____D C:\Users\Jindřich\AppData\LocalLow\Mozilla
2020-03-17 21:03 - 2015-09-11 11:37 - 000003598 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3058634117-4252258037-3257375764-1001
2020-03-17 21:03 - 2015-02-09 18:50 - 000966400 _____ C:\windows\system32\perfh005.dat
2020-03-17 21:03 - 2015-02-09 18:50 - 000222924 _____ C:\windows\system32\perfc005.dat
2020-03-17 21:03 - 2014-03-18 10:53 - 000005848 _____ C:\windows\system32\PerfStringBackup.INI
2020-03-17 20:59 - 2018-04-16 12:34 - 000000000 ____D C:\Users\Jindřich\AppData\Local\AVAST Software
2020-03-17 20:58 - 2015-09-11 11:38 - 000000000 __RDO C:\Users\Jindřich\OneDrive
2020-03-17 20:57 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-17 20:56 - 2015-02-09 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-03-17 20:56 - 2013-08-22 14:25 - 000524288 ___SH C:\windows\system32\config\BBI
2020-03-17 20:53 - 2020-01-28 16:43 - 000000000 ____D C:\Users\Jindřich\Downloads\Ford V Ferrari (2019) [1080p] [WEBRip] [5.1] [YTS.LT]
2020-03-17 20:53 - 2016-01-25 19:47 - 002551296 ___SH C:\Users\Jindřich\Downloads\Thumbs.db
2020-03-17 20:30 - 2019-03-04 09:47 - 000004082 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1551689268
2020-03-17 20:30 - 2019-01-15 14:19 - 000004534 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-17 20:30 - 2017-10-25 08:43 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2020-03-17 20:30 - 2017-09-26 21:16 - 000002796 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-03-17 20:30 - 2015-09-21 18:06 - 000004476 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-17 20:30 - 2015-09-18 00:01 - 000003260 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore1d0f19cbf91c392
2020-03-17 20:30 - 2015-09-11 11:56 - 000003388 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-17 20:22 - 2015-12-03 23:41 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2020-03-17 20:15 - 2017-10-10 11:18 - 000000000 ____D C:\Program Files\trend micro
2020-03-17 16:19 - 2015-09-11 11:31 - 000000000 ____D C:\Users\Jindřich
2020-03-17 13:45 - 2015-09-11 11:32 - 000000000 ____D C:\Users\Jindřich\AppData\Local\Packages
2020-03-17 08:44 - 2018-07-28 15:19 - 000000000 ____D C:\Users\Jindřich\AppData\Local\CrashDumps
2020-03-17 08:28 - 2015-09-11 12:06 - 000000000 ____D C:\Users\Jindřich\AppData\Roaming\uTorrent
2020-03-17 08:28 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2020-03-17 08:27 - 2015-09-11 12:35 - 000004374 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-03-17 08:27 - 2015-09-11 12:34 - 000000000 ____D C:\Users\Jindřich\AppData\Local\Adobe
2020-03-17 08:27 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-03-17 08:27 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2020-03-16 18:21 - 2019-03-22 17:15 - 000000000 ____D C:\Users\Jindřich\AppData\Local\BitTorrentHelper
2020-03-16 11:21 - 2017-02-27 19:42 - 000000000 ____D C:\Users\Jindřich\AppData\Local\ElevatedDiagnostics
2020-03-13 16:15 - 2020-01-05 12:40 - 000000000 ____D C:\Users\Jindřich\AppData\LocalLow\uTorrent
2020-03-13 08:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2020-03-12 20:31 - 2015-09-11 12:14 - 000001649 _____ C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-12 20:31 - 2015-09-11 11:43 - 000000000 ____D C:\Users\Jindřich\Programy
2020-03-12 19:58 - 2013-08-22 15:44 - 000494536 _____ C:\windows\system32\FNTCACHE.DAT
2020-03-12 19:57 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\setup
2020-03-12 19:57 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2020-03-11 16:37 - 2015-09-12 15:10 - 000000000 ____D C:\windows\system32\MRT
2020-03-11 16:34 - 2015-09-12 15:10 - 121542864 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2020-03-11 15:09 - 2016-03-19 19:11 - 000458584 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-03-11 12:37 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2020-03-11 08:07 - 2020-01-16 13:24 - 000774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2020-03-11 08:07 - 2020-01-16 13:24 - 000699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2020-03-11 08:07 - 2020-01-16 13:24 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2020-03-09 17:15 - 2017-09-26 17:00 - 000000000 ____D C:\ProgramData\Hotspot Shield
2020-03-09 17:15 - 2017-09-26 17:00 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2020-03-09 17:15 - 2015-02-09 18:01 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-07 19:09 - 2017-03-03 22:00 - 000003910 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-03-06 16:38 - 2019-02-19 22:11 - 000279360 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2020-03-06 16:38 - 2019-01-21 15:02 - 000271120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-03-06 16:38 - 2019-01-17 20:57 - 000206608 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-03-06 16:38 - 2019-01-17 20:57 - 000064272 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-03-06 16:38 - 2019-01-17 20:57 - 000037864 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-03-06 16:38 - 2018-10-24 21:20 - 000042976 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-03-06 16:38 - 2017-11-09 22:03 - 000205576 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000848672 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000316256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000110560 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000084056 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-03-06 16:38 - 2015-09-11 11:56 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-18 18:24 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\SecureBootUpdates

==================== Files in the root of some directories ========

2017-01-02 23:48 - 2017-01-02 23:48 - 000054272 _____ () C:\Users\Jindřich\AppData\Roaming\ApplicationHosting.dat
2015-10-16 13:49 - 2015-10-16 13:49 - 000000238 _____ () C:\Users\Jindřich\AppData\Roaming\del.bat
2017-01-02 23:48 - 2017-01-02 23:48 - 000126464 _____ () C:\Users\Jindřich\AppData\Roaming\lobby.dat
2017-01-02 23:48 - 2017-01-02 23:48 - 001907416 _____ () C:\Users\Jindřich\AppData\Roaming\Newdex.tst
2017-01-02 23:48 - 2017-01-02 23:48 - 000072787 _____ () C:\Users\Jindřich\AppData\Roaming\StimQuosoft.tst
2018-09-14 16:04 - 2018-09-14 16:04 - 000000000 _____ () C:\Users\Jindřich\AppData\Local\{AE246800-BBED-4280-819C-23B2D620E266}
2018-09-14 16:06 - 2018-09-14 16:07 - 000000000 _____ () C:\Users\Jindřich\AppData\Local\{CB265A8B-4A72-448C-8755-7CA49B4E330D}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-03-16 07:27
==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#6 Příspěvek od Šmíďák »

ADDITION.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Jindřich (17-03-2020 21:33:50)
Running from C:\Users\Jindřich\Desktop
Windows 8.1 (Update) (X64) (2015-09-11 10:32:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3058634117-4252258037-3257375764-500 - Administrator - Disabled)
Guest (S-1-5-21-3058634117-4252258037-3257375764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3058634117-4252258037-3257375764-1003 - Limited - Enabled)
Jindřich (S-1-5-21-3058634117-4252258037-3257375764-1001 - Administrator - Enabled) => C:\Users\Jindřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{0EBC740B-4363-489B-8C27-98CE0740BA19}) (Version: 18.2.4 - Hewlett-Packard) Hidden
Activision(R) (HKLM-x32\...\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.4 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AzwSoft Adobe PDF DRM Removal 8.1.4 (HKLM-x32\...\{EC5DDCE3-100B-4745-A240-8D299052401A}) (Version: 8.1.4 - AzwSoft)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Burnout Paradise Ultimate Box version 1.00.00.1 (HKLM-x32\...\Burnout Paradise Ultimate Box_is1) (Version: 1.00.00.1 - Mr DJ)
Carmageddon (DOSBox 0.74 emulation) (HKLM-x32\...\Carmageddon (DOSBox 0.74 emulation)) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Hotspot Shield 9.6.3 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925E187DF0C}) (Version: 9.6.3.11497 - Pango Inc.) Hidden
Hotspot Shield 9.6.3 (HKLM-x32\...\{dcf15c0a-28c2-4a99-b0dc-5cb941523536}) (Version: 9.6.3.11497 - Pango Inc.)
Hotspot Shield 9.6.3 (HKLM-x32\...\HotspotShield) (Version: 9.6.3 - Pango Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15309.1315 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM-x32\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJProMFPM125M126 (HKLM-x32\...\{824CF3E6-4809-47E8-AA39-C55FC380DDB7}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{99316707-3412-4DC8-952E-69632DBB58C6}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{96C730E4-F055-4118-BDF3-6E071763853C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
IrfanView 4.52 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.52 - Irfan Skiljan)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.10181 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Mendeley Desktop 1.15.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.15.1 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20606 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Teams) (Version: 1.2.00.34161 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Firefox 74.0 (x64 cs) (HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
Need for Speed Most Wanted (black edition) (HKLM-x32\...\Need for Speed Most Wanted (black edition)) (Version: 1.3 - Electronic Arts)
Nero 7 Ultra Edition (HKLM-x32\...\{293C9DF5-7669-4826-BBB2-E1F182D71029}) (Version: 7.02.8631 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
PDFill FREE PDF Editor Basic (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 14.0 - PlotSoft LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Re-Volt patch 12.07 (HKLM-x32\...\Re-Volt) (Version: patch 12.07 - )
RollerCoaster Tycoon Deluxe (HKLM-x32\...\{924EAD66-F854-4605-8493-696DD59A113B}) (Version: 1.00.000 - )
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.71 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.34161 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
TotalImageConverter (HKLM-x32\...\Total Image Converter_is1) (Version: 5.1 - Softplicity, Inc.)
TotalPDFConverter (HKLM-x32\...\Total PDF Converter_is1) (Version: 2.8 - Softplicity, Inc.)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2017-10-10] (LENOVO INC.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_2.0.1.63_x64__6dqnvyezrysvy [2017-10-10] (Dailymotion SA)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-10-10] (Evernote)
HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2017-10-10] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2017-10-10] (FilmOn TV Inc.)
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2018-04-03] (McAfee_Inc)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-10-10] (Skype) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2017-10-10] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2017-10-10] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Yoga Camera Man -> C:\Program Files\WindowsApps\E0469640.YogaCameraMan_1.0.1929.30228_x86__5grkq8ppsgwt4 [2017-10-10] (LENOVO INC)
Yoga Phone Companion -> C:\Program Files\WindowsApps\E0469640.YogaPhoneCompanion_1.1.9.4_x64__5grkq8ppsgwt4 [2017-10-10] (LENOVO INC)
Yoga Picks -> C:\Program Files\WindowsApps\E0469640.YogaPicks_1.6.14.521_x64__5grkq8ppsgwt4 [2017-10-10] (LENOVO INC)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-10-10] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jindřich\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jindřich\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Users\Jindřich\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Users\Jindřich\Programy\TotalImageConverter\axTotalConverter64.dll [2014-03-14] (Softplicity) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Users\Jindřich\Programy\DAEMON Tools Lite\dtshl64.dll [2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Users\Jindřich\Programy\DAEMON Tools Lite\dtshl64.dll [2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.iv50] => C:\windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\windows\System32\hpzjrd01.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 001222656 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2014-11-17 10:43 - 2014-11-17 10:43 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2014-11-17 10:43 - 2014-11-17 10:43 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2015-10-04 11:49 - 2015-08-25 17:24 - 000100352 _____ (Hi-Rez Studios Inc.) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HirezUtils.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2014-03-26 18:22 - 2014-03-26 18:22 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-03-26 18:22 - 2014-03-26 18:22 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\windows\System32\HPTcpMUI.dll
2015-10-04 11:49 - 2015-09-02 12:36 - 000032256 _____ (Microsoft) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\PatcherData.dll
2016-09-19 16:54 - 2014-03-14 08:25 - 003853824 _____ (Softplicity) [File not signed] C:\Users\Jindřich\Programy\TotalImageConverter\axTotalConverter64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\windows\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\windows\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\windows\system32\drivers:x86 [1205026]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-03-17 20:15 - 000000061 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B4C8B5AF-E534-4541-A01A-63AA6036703A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{2A69DF33-BEDD-4886-9B27-AE144B9247E1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{6AB92A68-9847-4F0B-8A63-40D06CEB286E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{061F7003-5323-4DCC-8752-E037D0B6D05A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{00226DF9-CED2-4DD2-811A-7486D3875CDA}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{85ACFC96-EFFF-41C3-8EE9-B79D55551C7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A8D579BC-2C63-4E8C-BA4E-76F4C47D23A5}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{4B9FD316-578D-4E45-90A4-BA76440965C3}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{BA32EF2D-9543-4E70-9F38-4C0E239C01F5}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe No File
FirewallRules: [{E030D111-2382-44B1-A034-0B287949D12D}] => (Allow) LPort=55100
FirewallRules: [{E1B27CD1-4322-469F-A42A-087529CBA825}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{A47D1277-CC60-46C4-A61C-37468DDFBD72}] => (Allow) C:\Users\Jindřich\Programy\Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1644589-E39A-4ED6-8582-B7D5CE0659F2}] => (Allow) C:\Users\Jindřich\Programy\Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F1C7C2F3-1175-4849-82F7-97D74E1726FD}] => (Allow) C:\Users\Jindřich\Programy\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{6E664004-3167-4038-935D-96C7093619E0}] => (Allow) C:\Users\Jindřich\Programy\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CA2DD3B3-A079-43F2-A39A-FCBCF175BD40}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{55C74A9B-18CA-4C17-A7D1-38F41C871888}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{92B53A1A-4D8C-42EC-81AC-25146194A207}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3F79E5CF-6EC3-4566-B52C-B9BF95F4D217}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E3D967A2-7E47-4039-A4D8-A8FF5007513C}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{779C596C-221B-449D-A554-D0DBCD2ECB1F}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BB3FCDA0-DD30-4950-83B6-3274E7D21C3B}] => (Allow) C:\Users\Jindřich\Saved Games\Split Second\SplitSecond.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{76F0F054-494C-48BC-BF3C-B8D0455B477A}] => (Allow) C:\Users\Jindřich\Saved Games\Split Second\SplitSecond.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{0F18D018-F1D0-4EF6-9B83-3D8BB7B6D2AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{68389727-6990-4479-AE96-94638E007C9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3A240BD7-2591-4F70-A246-FBD86990CD11}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EE27C654-4955-450A-B1A4-C8EFB5332E7F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{DB0C208D-80C0-4605-9DEE-C315EC82382F}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{2A3038B9-72E0-40FE-BFB5-1F3886F21049}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AC6A1170-0CF5-4C4C-8FF9-EF1D7CA59099}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{27ADFC77-AEEA-454F-A356-BC5018DA7081}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E4A7B798-C944-4933-BEAD-E401EA25FF1D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE8B75E6-BA90-458F-900B-7BE818F47889}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45A0027-76ED-4230-B0BC-5455675AC674}] => (Allow) C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{C86C3314-CC6B-4AA7-9649-D4D628A214DB}] => (Allow) C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{A72BDB3B-4973-4F28-ACF9-3112887BBA93}] => (Allow) C:\Users\Patejl\Programy\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{376DB867-25D8-4B28-BA65-21CAEB602CF1}] => (Allow) C:\Users\Patejl\Programy\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [TCP Query User{77CF9063-D9E5-4BE7-930A-CB5A10EA6AED}C:\users\jindřich\programy\firefox\firefox.exe] => (Allow) C:\users\jindřich\programy\firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{91B317CB-587A-41E0-87E6-0D2907F02FA7}C:\users\jindřich\programy\firefox\firefox.exe] => (Allow) C:\users\jindřich\programy\firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B1010F6C-CA7E-42BD-AFF3-5D7E05E25182}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{530A9642-04EE-490E-8000-1E63366DA8A6}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{93CD314C-B2C3-452A-A022-F940EAE4EB71}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{09D8EE46-0086-4E1B-85A6-BEDEB20393CA}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{55426309-710D-4D1E-AEDD-733D49F8A38B}] => (Allow) C:\Users\Jindřich\Saved Games\Blur\Blur.exe () [File not signed]
FirewallRules: [{D3B27E51-F56D-4E94-B7EF-A26EC3ECA2AD}] => (Allow) C:\Users\Jindřich\Saved Games\Blur\Blur.exe () [File not signed]
FirewallRules: [{8AE959FB-3C00-4FE3-BA49-008408A92912}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5ECF4C2B-1C0C-401B-971B-8952F6360DFB}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{7B4F780D-8656-4382-BF36-7F1F7696B576}C:\users\jindřich\saved games\blur\blur.exe] => (Allow) C:\users\jindřich\saved games\blur\blur.exe () [File not signed]
FirewallRules: [UDP Query User{E68CCE4A-540C-4C20-BC50-9460166F77D3}C:\users\jindřich\saved games\blur\blur.exe] => (Allow) C:\users\jindřich\saved games\blur\blur.exe () [File not signed]
FirewallRules: [{5AC2E570-8BD1-4BB0-AA66-B3F77A0959B0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0BE8BBF5-5E95-45C2-9276-6EEEBE63278A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90020B76-0589-4354-8FCF-DE1E43A79824}] => (Allow) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{1D6AA93A-818B-4AB7-82FF-E8886EA11E66}C:\users\jindřich\saved games\need for speed most wanted\speed.exe] => (Allow) C:\users\jindřich\saved games\need for speed most wanted\speed.exe () [File not signed]
FirewallRules: [UDP Query User{9E148192-F319-4941-8903-49079C7A204C}C:\users\jindřich\saved games\need for speed most wanted\speed.exe] => (Allow) C:\users\jindřich\saved games\need for speed most wanted\speed.exe () [File not signed]
FirewallRules: [{F47141F8-4843-424A-82C7-E63F7DB409F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0425863C-63E9-4F22-A22E-29B4D978AF67}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE153F77-F913-42CE-858B-BB1109609807}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2974F89-04E5-4532-BCDC-DAE3A39375DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{64C7B697-05D4-4112-8069-9409C7AA0B24}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{58AE29BC-293A-4A52-97E2-01A0421D2295}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-03-2020 20:55:52 AdwCleaner_BeforeCleaning_17/03/2020_20:55:52

==================== Faulty Device Manager Devices ============

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/17/2020 09:03:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/17/2020 09:03:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/17/2020 09:03:29 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/17/2020 10:49:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Svazek WINRE_DRV nebyl optimalizován, protože byla zjištěna chyba: Parametr není správný. (0x80070057).

Error: (03/17/2020 08:44:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RCT.EXE, verze: 0.0.0.0, časové razítko: 0x3e6fb513
Název chybujícího modulu: RCT.EXE, verze: 0.0.0.0, časové razítko: 0x3e6fb513
Kód výjimky: 0xc0000005
Posun chyby: 0x00180a11
ID chybujícího procesu: 0x1f74
Čas spuštění chybující aplikace: 0x01d5fc2fce1aae50
Cesta k chybující aplikaci: C:\Users\Jindřich\Saved Games\Roller Coaster Deluxe\RCT.EXE
Cesta k chybujícímu modulu: C:\Users\Jindřich\Saved Games\Roller Coaster Deluxe\RCT.EXE
ID zprávy: 14921cc1-6823-11ea-83d7-a86ca62de42f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/17/2020 08:28:17 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhostex (3976) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -1032.

Error: (03/17/2020 08:28:17 AM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostex (3976) WebCacheLocal: Pokus o otevření souboru C:\Users\Jindřich\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (03/17/2020 08:27:18 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (03/17/2020 09:00:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCSDK neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/17/2020 08:58:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Hotspot Shield Service 9.6.3 přestala během spouštění reagovat.

Error: (03/17/2020 08:57:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba YogaPicks.AppService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/17/2020 08:57:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba LsvUIService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/17/2020 08:57:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Lenovo System Agent Service neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/17/2020 08:56:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/17/2020 08:56:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/17/2020 08:56:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll


Windows Defender:
===================================
Date: 2016-03-18 14:48:12.287
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98F199DA-C244-4ADB-B38E-803D9BF3B0B5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-18 14:32:57.624
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {947BAB98-70A0-45AB-9CF3-791AA13AEA68}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-16 16:56:26.225
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7654086C-13DB-46AE-9442-47A0BF79CCFD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-15 18:57:16.930
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8848F556-C120-43AA-8C99-003C4499425C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-15 16:55:56.505
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CD83A9D7-9295-4CCF-B744-29D35C65E2F8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-15 19:54:07.496
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 115.40.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.11804.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-03-15 19:54:07.491
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.215.1603.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12505.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-03-15 19:54:07.491
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.215.1603.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12505.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-03-15 19:54:07.472
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.215.1603.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12505.0
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-03-15 19:07:16.940
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 115.40.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.11804.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2018-08-05 19:19:04.338
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:03.854
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:03.367
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:02.881
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:02.400
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:01.913
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:01.368
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:00.861
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO 96CN29WW(V1.15) 10/16/2014
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 29%
Total physical RAM: 8112.96 MB
Available physical RAM: 5716.59 MB
Total Virtual: 13744.96 MB
Available Virtual: 11292.07 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:197.8 GB) (Free:82.51 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.53 GB) NTFS
Drive e: (RCT_DELUXE) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive g: (My Passport) (Fixed) (Total:1862.98 GB) (Free:473.45 GB) NTFS

\\?\Volume{8cee2ca3-2508-4353-b1c9-83c25eff861f}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{20b373c0-f81d-472c-884c-a02b6cd84344}\ (PBR_DRV) (Fixed) (Total:13.34 GB) (Free:3.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 89EB774A)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B152C314)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Pomalý ntb

#7 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {1f44216f-3da3-11e9-83a9-00090ffe0001} - "E:\Autorun.exe"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {2885be57-3f72-11e6-82c5-5cc5d4cb0f51} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {4debe587-589f-11e5-8263-5cc5d4cb0f51} - "I:\Setup.exe"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f1c-5a3e-11e5-8267-5cc5d4cb0f51} - "E:\SETUP.EXE"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f20-5a3e-11e5-8267-5cc5d4cb0f51} - "F:\SETUP.EXE"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f24-5a3e-11e5-8267-5cc5d4cb0f51} - "G:\SETUP.EXE"
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {35B75F2E-8E46-4C7E-95B3-B89B0558DE85} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f19cbf91c392 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {36B923AA-67F8-40B1-99AC-E8ADDB17A173} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {4093F9C8-8976-487B-9F9B-BBA655D6764D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {44994F70-81FD-409A-8692-B4A7C5C947DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {5D55B622-80BA-4C0D-800C-8BEBF3F84AC3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A90EA16-9B1B-4E52-BDD8-3719655D27D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {85FDCE88-CA30-4C5C-9E8E-4FB81334F4A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {9DDE9D3F-DDA7-4A20-8D33-94EA1C9AAC4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {B6E50834-1667-491D-AC9C-4C4195203380} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart ... 0523__yaie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001 -> DefaultScope {26417749-62E4-4DFD-9ED2-4B0D45671722} URL =
SearchScopes: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hsp ... 3__yaie&p={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\5kd5qg9f.default -> hxxps://search.yahoo.com/yhs/web?hspart ... 0523__yaff
FF Extension: (No Name) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF Extension: (Running Foxes by MaDonna) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2020-01-14]
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-17] (Adobe Inc. -> )
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [X]
S2 Lenovo System Agent Service; "C:\Program Files\Lenovo\iMController\SystemAgentService.exe" [X]
S2 LsvUIService; "C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe" [X]
S2 YogaPicks.AppService; "C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe" [X]
S3 AFTrafMgr1.4; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [X]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\windows\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\windows\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\windows\system32\drivers:x86 [1205026]
FirewallRules: [{2A69DF33-BEDD-4886-9B27-AE144B9247E1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{6AB92A68-9847-4F0B-8A63-40D06CEB286E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{BA32EF2D-9543-4E70-9F38-4C0E239C01F5}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe No File
FirewallRules: [{E030D111-2382-44B1-A034-0B287949D12D}] => (Allow) LPort=55100

EmptyTemp:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8 (skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit).
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#8 Příspěvek od Šmíďák »

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Jindřich (18-03-2020 07:37:51) Run:1
Running from C:\Users\Jindřich\Desktop
Loaded Profiles: Jindřich (Available Profiles: Jindřich)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {1f44216f-3da3-11e9-83a9-00090ffe0001} - "E:\Autorun.exe"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {2885be57-3f72-11e6-82c5-5cc5d4cb0f51} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {4debe587-589f-11e5-8263-5cc5d4cb0f51} - "I:\Setup.exe"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f1c-5a3e-11e5-8267-5cc5d4cb0f51} - "E:\SETUP.EXE"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f20-5a3e-11e5-8267-5cc5d4cb0f51} - "F:\SETUP.EXE"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {60430f24-5a3e-11e5-8267-5cc5d4cb0f51} - "G:\SETUP.EXE"
HKLM\Software\...\Authentication\Credential Providers: [AutorunsDisabled] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {35B75F2E-8E46-4C7E-95B3-B89B0558DE85} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f19cbf91c392 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {36B923AA-67F8-40B1-99AC-E8ADDB17A173} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {4093F9C8-8976-487B-9F9B-BBA655D6764D} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {44994F70-81FD-409A-8692-B4A7C5C947DE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {5D55B622-80BA-4C0D-800C-8BEBF3F84AC3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A90EA16-9B1B-4E52-BDD8-3719655D27D6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {85FDCE88-CA30-4C5C-9E8E-4FB81334F4A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {9DDE9D3F-DDA7-4A20-8D33-94EA1C9AAC4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-11] (Google Inc -> Google Inc.)
Task: {B6E50834-1667-491D-AC9C-4C4195203380} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.yahoo.com/yhs/web?hspart ... 0523__yaie
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001 -> DefaultScope {26417749-62E4-4DFD-9ED2-4B0D45671722} URL =
SearchScopes: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hsp ... 3__yaie&p={searchTerms}
FF NewTab: Mozilla\Firefox\Profiles\5kd5qg9f.default -> hxxps://search.yahoo.com/yhs/web?hspart ... 0523__yaff
FF Extension: (No Name) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-12]
FF Extension: (Running Foxes by MaDonna) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2020-01-14]
FF SearchPlugin: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-17] (Adobe Inc. -> )
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [X]
S2 Lenovo System Agent Service; "C:\Program Files\Lenovo\iMController\SystemAgentService.exe" [X]
S2 LsvUIService; "C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe" [X]
S2 YogaPicks.AppService; "C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe" [X]
S3 AFTrafMgr1.4; \??\C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_4_64.sys [X]
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
AlternateDataStreams: C:\windows\system32\drivers:ucdrv-x64.sys [23652]
AlternateDataStreams: C:\windows\system32\drivers:x64 [1479458]
AlternateDataStreams: C:\windows\system32\drivers:x86 [1205026]
FirewallRules: [{2A69DF33-BEDD-4886-9B27-AE144B9247E1}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{6AB92A68-9847-4F0B-8A63-40D06CEB286E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe No File
FirewallRules: [{BA32EF2D-9543-4E70-9F38-4C0E239C01F5}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe No File
FirewallRules: [{E030D111-2382-44B1-A034-0B287949D12D}] => (Allow) LPort=55100

EmptyTemp:
*****************

Processes closed successfully.
Restore point was successfully created.
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f44216f-3da3-11e9-83a9-00090ffe0001} => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2885be57-3f72-11e6-82c5-5cc5d4cb0f51} => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4debe587-589f-11e5-8263-5cc5d4cb0f51} => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60430f1c-5a3e-11e5-8267-5cc5d4cb0f51} => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60430f20-5a3e-11e5-8267-5cc5d4cb0f51} => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{60430f24-5a3e-11e5-8267-5cc5d4cb0f51} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\AutorunsDisabled => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{35B75F2E-8E46-4C7E-95B3-B89B0558DE85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35B75F2E-8E46-4C7E-95B3-B89B0558DE85}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1d0f19cbf91c392 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d0f19cbf91c392" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36B923AA-67F8-40B1-99AC-E8ADDB17A173}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36B923AA-67F8-40B1-99AC-E8ADDB17A173}" => removed successfully
C:\windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64 35" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4093F9C8-8976-487B-9F9B-BBA655D6764D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4093F9C8-8976-487B-9F9B-BBA655D6764D}" => removed successfully
C:\windows\System32\Tasks\Maxthon Update => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Maxthon Update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44994F70-81FD-409A-8692-B4A7C5C947DE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44994F70-81FD-409A-8692-B4A7C5C947DE}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D55B622-80BA-4C0D-800C-8BEBF3F84AC3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D55B622-80BA-4C0D-800C-8BEBF3F84AC3}" => removed successfully
C:\windows\System32\Tasks\Microsoft\Office\Office Feature Updates Logon => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Feature Updates Logon" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A90EA16-9B1B-4E52-BDD8-3719655D27D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A90EA16-9B1B-4E52-BDD8-3719655D27D6}" => removed successfully
C:\windows\System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Office\Office Automatic Updates 2.0" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{85FDCE88-CA30-4C5C-9E8E-4FB81334F4A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{85FDCE88-CA30-4C5C-9E8E-4FB81334F4A7}" => removed successfully
C:\windows\System32\Tasks\Adobe Acrobat Update Task => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Acrobat Update Task" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9DDE9D3F-DDA7-4A20-8D33-94EA1C9AAC4A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DDE9D3F-DDA7-4A20-8D33-94EA1C9AAC4A}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B6E50834-1667-491D-AC9C-4C4195203380}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6E50834-1667-491D-AC9C-4C4195203380}" => removed successfully
C:\windows\System32\Tasks\DolbySelectorTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DolbySelectorTask" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0C3A6C6-03BC-4195-8FCB-AEA091301353} => removed successfully
"Firefox newtab" => removed successfully
C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi => moved successfully
C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\searchplugins\yahoo-lavasoft-ff59.xml => moved successfully
"HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [2020-03-17] (Adobe Inc." => not found
C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully
HKLM\System\CurrentControlSet\Services\CCSDK => removed successfully
CCSDK => service removed successfully
HKLM\System\CurrentControlSet\Services\Lenovo System Agent Service => removed successfully
Lenovo System Agent Service => service removed successfully
HKLM\System\CurrentControlSet\Services\LsvUIService => removed successfully
LsvUIService => service removed successfully
HKLM\System\CurrentControlSet\Services\YogaPicks.AppService => removed successfully
YogaPicks.AppService => service removed successfully
HKLM\System\CurrentControlSet\Services\AFTrafMgr1.4 => removed successfully
AFTrafMgr1.4 => service removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SHAREit.FileContextMenuExt => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKU\.DEFAULT\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKU\.DEFAULT\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => removed successfully
HKU\.DEFAULT\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKU\.DEFAULT\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
C:\windows\system32\drivers => ":ucdrv-x64.sys" ADS removed successfully
C:\windows\system32\drivers => ":x64" ADS removed successfully
C:\windows\system32\drivers => ":x86" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A69DF33-BEDD-4886-9B27-AE144B9247E1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AB92A68-9847-4F0B-8A63-40D06CEB286E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA32EF2D-9543-4E70-9F38-4C0E239C01F5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E030D111-2382-44B1-A034-0B287949D12D}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6368009 B
Java, Flash, Steam htmlcache => 564 B
Windows/system/drivers => 8140423 B
Edge => 0 B
Chrome => 460730357 B
Firefox => 1262609823 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 28617367 B
NetworkService => 28617367 B
Jindřich => 130864834 B

RecycleBin => 845 B
EmptyTemp: => 1.8 GB temporary data Removed.

================================


The system needed a reboot.

==== End 1 Fixlog 07:38:43 ====
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Pomalý ntb

#9 Příspěvek od Diallix »

Ako je na tom pocitac?

Poprosim o nove logy z FRST a ADDITION.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#10 Příspěvek od Šmíďák »

Počítač se zdá, že šlape

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Ran by Jindřich (administrator) on BELZEBUB (LENOVO 20344) (18-03-2020 11:02:14)
Running from C:\Users\Jindřich\Desktop
Loaded Profiles: Jindřich (Available Profiles: Jindřich)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Default browser: "C:\Users\Jindřich\Programy\Firefox\firefox.exe" -osint -url "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AnchorFree Inc -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe
(AnchorFree Inc -> Pango Inc.) C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\hsscp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTShellHlp.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrB.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hi-Rez Studios) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Mobile Wireless Group -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
(PointGrab Ltd -> PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\WebcamSplitterServer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-26] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-01-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-17] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [277664 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330040 2014-02-12] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22256824 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Users\Jindřich\Programy\DAEMON Tools Lite\DTAgent.exe [735336 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\RunOnce: [Uninstall C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Jindřich\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {1f44216f-3da3-11e9-83a9-00090ffe0001} - "E:\Autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\73.0.1270.86\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {39306C63-B0FF-4DBA-A1EA-AED42CC2E981} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3894664 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
Task: {39C1B2E3-9E70-4AA3-A36F-2E8E48114841} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-28] (Avast Software s.r.o. -> Avast Software)
Task: {3D5F5F7A-90E4-4547-9953-2DDDCB74C8DF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [89840 2014-10-19] (Hewlett-Packard Company -> Hewlett Packard)
Task: {486D9419-6FCF-4BD5-9C30-7457C6D39979} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {646319C7-53CE-4E0F-BD31-7F634E42D29E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {712C6892-1008-4913-8B5E-A6DC20D52B7F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {80AE74C2-2D79-41D8-807F-CFDB9DE835CC} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {815500A7-3D42-4DF9-A93F-DED6BC3BED91} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8E1478F0-20D4-44FA-A6F3-C4ACD896F9F2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27366472 2020-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DC8A8DB-23FE-45CE-BB6D-2BF4E46A3B3B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {A2312BBC-20BD-4E2B-9B57-D7E37043F8F8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2349960 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A88EBCBA-9DC8-4E9B-AD55-F36F620151B9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B1F13B13-35F5-4D44-B223-F75A7918D356} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe
Task: {D73E5CE5-24E3-4362-9C23-D3CF85C747B4} - System32\Tasks\Opera scheduled Autoupdate 1551689268 => C:\Users\Jindřich\AppData\Local\Programs\Opera\launcher.exe
Task: {D8B901D4-A9B3-44BF-8CF5-ACC1D1132C77} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-08-19] (LENOVO -> Lenovo)
Task: {DF5D7796-C80F-461C-A9B1-6A81C023F0CE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6292336 2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5873D50-BF29-482E-9DFD-73A0DEAD2839} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149840 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC5C14D5-D4DC-4E01-B89E-F1553BFEE665} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {EFD04359-EABC-4F92-A086-B1FC440A9BD0} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {F4293303-51E1-4476-97EB-973D0E661C1A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2167704 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA338327-BFB4-42E6-98BD-9F28EF5CE001} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-03-17] (Adobe Inc. -> Adobe)
Task: {FA7E279B-B2A7-4039-8813-8BCF02E63D12} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {FD5AC75B-1651-4D35-806B-28FB712E143D} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_344_Plugin.exe [1458232 2020-03-17] (Adobe Inc. -> Adobe)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{0FAA79A6-06A9-4259-8D04-2F5FCB67F7FD}: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{5AE36E25-E411-488C-9D5B-0574FBBF2C12}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{5FC00B4B-2BCC-4E63-A68A-DBD5AA963526}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{D93D251B-3FCC-4952-8826-57D935628C58}: [DhcpNameServer] 169.254.132.69

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 5kd5qg9f.default
FF ProfilePath: C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default [2020-03-18]
FF Homepage: Mozilla\Firefox\Profiles\5kd5qg9f.default -> hxxps://www.centrum.cz/
FF Session Restore: Mozilla\Firefox\Profiles\5kd5qg9f.default -> is enabled.
FF Extension: (Youtube to audio converter) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\2conv@hotger.com.xpi [2017-11-24]
FF Extension: (Mendeley Importer WebExtension) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\@mendeleyimporter.xpi [2018-07-31] [UpdateUrl:hxxps://static.mendeley.com/bin/extensions/firefox/updates.json]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2019-12-13]
FF Extension: (YouTube Classic) - C:\Users\Jindřich\AppData\Roaming\Mozilla\Firefox\Profiles\5kd5qg9f.default\Extensions\{6acd0f4d-ab79-4b79-9b28-8bde65ae355c}.xpi [2019-06-11]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_344.dll [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_344.dll [2020-03-17] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Users\Jindřich\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: FIREFOX.EXE - C:\Users\Jindřich\Programy\Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default [2020-03-18]
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-18]
CHR Extension: (Dokumenty) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-18]
CHR Extension: (Disk Google) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-10-24]
CHR Extension: (Wize Search SafeFinder) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj [2017-08-16]
CHR Extension: (Tabulky) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-01-04]
CHR Extension: (Avast Online Security) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-08-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-24]
CHR Extension: (Gmail) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-30]
CHR Extension: (Chrome Media Router) - C:\Users\Jindřich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-24]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6046624 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [413472 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11597176 2020-02-05] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4132456 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2015-09-02] (Hi-Rez Studios) [File not signed]
S3 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [File not signed]
R2 hshld_9.6.3; C:\Program Files (x86)\Hotspot Shield\9.6.3\bin\cmw_srv.exe [207744 2020-02-28] (AnchorFree Inc -> Pango Inc.)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282072 2014-03-10] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-10] (Maxthon (Asia) Limited. -> Maxthon)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] (Intel Corporation-Mobile Wireless Group -> )
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-16] (Nero AG -> Nero AG)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [167176 2014-02-25] (PointGrab Ltd -> PointGrab LTD)
R2 PG_Service_Launcher; C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe [512776 2014-02-25] (PointGrab Ltd -> PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [285712 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [304144 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [66872 2015-10-17] (Even Balance, Inc. -> )
R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [107832 2015-10-17] (Even Balance, Inc. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S3 TunngleService; C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe [838128 2016-12-15] (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
S4 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2015-02-09] (Lenovo (Beijing) Limited -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [33040 2015-02-09] (Lenovo (Beijing) Limited -> Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel Corporation-Mobile Wireless Group -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37864 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [205576 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [271120 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [206608 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [64272 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [279360 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42976 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [175400 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110560 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84056 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [848672 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [458584 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [235184 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [316256 2020-03-06] (Avast Software s.r.o. -> AVAST Software)
S3 AX88772; C:\windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (WDKTestCert asix,130126255272009909 -> ASIX Electronics Corp.)
S3 bcmfn2; C:\windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [135520 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [42256 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [59360 2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [142280 2013-10-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 KMWDFILTER; C:\windows\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3433952 2014-02-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11968 2000-06-27] () [File not signed]
R3 SensorsServiceDriver; C:\windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-19] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tap0901t; C:\windows\system32\DRIVERS\tap0901t.sys [39464 2016-04-26] (Tunngle.net GmbH -> Tunngle.net GmbH)
R3 taphss6; C:\windows\system32\DRIVERS\taphss6.sys [42064 2017-06-15] (AnchorFree Inc -> Anchorfree Inc.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\windows\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-18 07:37 - 2020-03-18 07:38 - 000017373 _____ C:\Users\Jindřich\Desktop\Fixlog.txt
2020-03-18 07:36 - 2020-03-18 07:36 - 000000000 _____ C:\Users\Jindřich\Desktop\Nový textový dokument.txt
2020-03-17 21:33 - 2020-03-18 11:02 - 000033010 _____ C:\Users\Jindřich\Desktop\FRST.txt
2020-03-17 21:33 - 2020-03-17 21:34 - 000053937 _____ C:\Users\Jindřich\Desktop\Addition.txt
2020-03-17 21:32 - 2020-03-18 11:02 - 000000000 ____D C:\FRST
2020-03-17 21:32 - 2020-03-17 21:31 - 002279936 _____ (Farbar) C:\Users\Jindřich\Desktop\FRST64.exe
2020-03-17 21:31 - 2020-03-17 21:31 - 002279936 _____ (Farbar) C:\Users\Jindřich\Downloads\FRST64.exe
2020-03-17 20:54 - 2020-03-17 20:56 - 000000000 ____D C:\AdwCleaner
2020-03-17 20:53 - 2020-03-17 20:53 - 008199856 _____ (Malwarebytes) C:\Users\Jindřich\Desktop\adwcleaner_8.0.3.exe
2020-03-17 20:52 - 2020-03-17 20:53 - 008199856 _____ (Malwarebytes) C:\Users\Jindřich\Downloads\adwcleaner_8.0.3.exe
2020-03-17 20:15 - 2020-03-17 20:15 - 001222144 _____ C:\Users\Jindřich\Downloads\RSITx64.exe
2020-03-17 20:15 - 2020-03-17 20:15 - 000000000 ____D C:\rsit
2020-03-17 08:26 - 2020-03-17 08:27 - 022195736 _____ (Piriform Software Ltd) C:\Users\Jindřich\Downloads\ccsetup564.exe
2020-03-16 15:34 - 2020-03-16 15:34 - 000000000 ____D C:\Users\Jindřich\Downloads\Subs
2020-03-16 09:05 - 2020-03-16 09:05 - 000000267 ____R C:\Users\Jindřich\Downloads\Jojo.Rabbit.2019.1080p.WEBRip.x264.AAC5.1-[YTS.MX].srt
2020-03-13 17:06 - 2020-03-13 17:06 - 000000267 ____R C:\Users\Jindřich\Downloads\Spies.In.Disguise.2019.1080p.BluRay.x264.AAC5.1-[YTS.MX].srt
2020-03-12 21:43 - 2020-03-16 09:29 - 1941913900 ____R C:\Users\Jindřich\Downloads\Spies.In.Disguise.2019.1080p.BluRay.x264.AAC5.1-[YTS.MX].mp4
2020-03-12 21:13 - 2020-03-16 09:08 - 2067499279 ____R C:\Users\Jindřich\Downloads\Jojo.Rabbit.2019.1080p.WEBRip.x264.AAC5.1-[YTS.MX].mp4
2020-03-11 13:41 - 2020-03-11 13:44 - 454183187 _____ C:\Users\Jindřich\Downloads\freevideo.cz-ty-vole-tys-mi-vosukal-nevestu-720p.mp4
2020-03-11 13:41 - 2020-03-11 13:44 - 447793458 _____ C:\Users\Jindřich\Downloads\freevideo.cz-petra-z-rychlych-prachu-zase-prca-za-prachy-720p.mp4
2020-03-11 08:13 - 2020-03-05 03:30 - 001542920 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2020-03-11 08:13 - 2020-03-05 01:50 - 001479680 _____ (Microsoft Corporation) C:\windows\system32\wsecedit.dll
2020-03-11 08:13 - 2020-03-05 01:23 - 000274944 _____ (Microsoft Corporation) C:\windows\system32\scecli.dll
2020-03-11 08:13 - 2020-03-04 07:58 - 001335808 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsecedit.dll
2020-03-11 08:13 - 2020-03-04 07:43 - 001377792 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2020-03-11 08:13 - 2020-03-04 07:40 - 000214528 _____ (Microsoft Corporation) C:\windows\SysWOW64\scecli.dll
2020-03-11 08:13 - 2020-03-04 01:40 - 007362288 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2020-03-11 08:13 - 2020-03-04 01:39 - 002013936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2020-03-11 08:13 - 2020-02-25 03:25 - 003329536 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2020-03-11 08:13 - 2020-02-25 03:22 - 003634688 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2020-03-11 08:13 - 2020-02-15 17:45 - 001728000 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Immersive.dll
2020-03-11 08:13 - 2020-02-15 17:41 - 001546240 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 08:13 - 2020-02-13 19:22 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2020-03-11 08:13 - 2020-02-13 19:20 - 000468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2020-03-11 08:13 - 2020-02-13 19:03 - 003631616 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2020-03-11 08:13 - 2020-02-13 18:42 - 000133120 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2020-03-11 08:13 - 2020-02-13 18:39 - 000905728 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2020-03-11 08:13 - 2020-02-13 18:38 - 002551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2020-03-11 08:13 - 2020-02-13 18:25 - 000391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2020-03-11 08:13 - 2020-02-13 18:25 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2020-03-11 08:13 - 2020-02-13 18:17 - 002750464 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2020-03-11 08:13 - 2020-02-13 17:59 - 001920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2020-03-11 08:13 - 2020-02-13 17:58 - 000711168 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2020-03-11 08:13 - 2020-02-13 11:35 - 001765064 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2020-03-11 08:13 - 2020-02-13 07:23 - 001489512 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2020-03-11 08:13 - 2020-02-13 06:26 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 08:13 - 2020-02-13 06:06 - 000861184 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2020-03-11 08:13 - 2020-02-13 05:42 - 000459264 _____ (Microsoft Corporation) C:\windows\system32\upnphost.dll
2020-03-11 08:13 - 2020-02-13 05:41 - 002780160 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2020-03-11 08:13 - 2020-02-13 05:11 - 000332800 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnphost.dll
2020-03-11 08:13 - 2020-02-13 05:06 - 002464256 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2020-03-11 08:13 - 2020-02-12 00:09 - 001368288 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2020-03-11 08:13 - 2020-02-11 15:15 - 025753600 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2020-03-11 08:13 - 2020-02-11 15:01 - 004168192 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2020-03-11 08:13 - 2020-02-11 14:58 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2020-03-11 08:13 - 2020-02-11 14:50 - 002911232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2020-03-11 08:13 - 2020-02-11 14:48 - 000580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2020-03-11 08:13 - 2020-02-11 14:48 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2020-03-11 08:13 - 2020-02-11 14:39 - 020290048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2020-03-11 08:13 - 2020-02-11 14:38 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2020-03-11 08:13 - 2020-02-11 14:37 - 005500416 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2020-03-11 08:13 - 2020-02-11 14:37 - 000790016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2020-03-11 08:13 - 2020-02-11 14:30 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2020-03-11 08:13 - 2020-02-11 14:23 - 000496640 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2020-03-11 08:13 - 2020-02-11 14:21 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2020-03-11 08:13 - 2020-02-11 14:20 - 002304000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2020-03-11 08:13 - 2020-02-11 14:16 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2020-03-11 08:13 - 2020-02-11 14:15 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2020-03-11 08:13 - 2020-02-11 14:14 - 000145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2020-03-11 08:13 - 2020-02-11 14:13 - 000660992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2020-03-11 08:13 - 2020-02-11 14:13 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2020-03-11 08:13 - 2020-02-11 14:09 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2020-03-11 08:13 - 2020-02-11 14:03 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2020-03-11 08:13 - 2020-02-11 14:02 - 015468544 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2020-03-11 08:13 - 2020-02-11 14:01 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2020-03-11 08:13 - 2020-02-11 14:01 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2020-03-11 08:13 - 2020-02-11 13:58 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2020-03-11 08:13 - 2020-02-11 13:57 - 000052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeedsbs.dll
2020-03-11 08:13 - 2020-02-11 13:55 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2020-03-11 08:13 - 2020-02-11 13:55 - 000128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll
2020-03-11 08:13 - 2020-02-11 13:52 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2020-03-11 08:13 - 2020-02-11 13:50 - 004112384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2020-03-11 08:13 - 2020-02-11 13:50 - 001756672 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2020-03-11 08:13 - 2020-02-11 13:49 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2020-03-11 08:13 - 2020-02-11 13:48 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2020-03-11 08:13 - 2020-02-11 13:47 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2020-03-11 08:13 - 2020-02-11 13:47 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2020-03-11 08:13 - 2020-02-11 13:47 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2020-03-11 08:13 - 2020-02-11 13:46 - 004859392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2020-03-11 08:13 - 2020-02-11 13:44 - 013854208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2020-03-11 08:13 - 2020-02-11 13:40 - 001493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2020-03-11 08:13 - 2020-02-11 13:35 - 001566720 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2020-03-11 08:13 - 2020-02-11 13:29 - 004387328 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2020-03-11 08:13 - 2020-02-11 13:25 - 001332224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2020-03-11 08:13 - 2020-02-11 13:24 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2020-03-11 08:13 - 2020-02-11 13:24 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2020-03-11 08:13 - 2020-02-08 21:05 - 000537824 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2020-03-11 08:13 - 2020-02-08 21:04 - 000140128 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2020-03-11 08:13 - 2020-02-08 19:32 - 000450536 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2020-03-11 08:13 - 2020-02-08 19:32 - 000136744 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2020-03-11 08:13 - 2020-02-08 18:55 - 000037888 _____ (Microsoft Corporation) C:\windows\system32\npmproxy.dll
2020-03-11 08:13 - 2020-02-08 18:32 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\wercplsupport.dll
2020-03-11 08:13 - 2020-02-08 18:10 - 000112128 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
2020-03-11 08:13 - 2020-02-08 18:09 - 000933888 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
2020-03-11 08:13 - 2020-02-08 18:04 - 001254912 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
2020-03-11 08:13 - 2020-02-08 17:52 - 000255488 _____ (Microsoft Corporation) C:\windows\system32\netprofm.dll
2020-03-11 08:13 - 2020-02-08 17:52 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\nlmproxy.dll
2020-03-11 08:13 - 2020-02-08 17:50 - 000550912 _____ (Microsoft Corporation) C:\windows\system32\netprofmsvc.dll
2020-03-11 08:13 - 2020-02-08 17:50 - 000056320 _____ (Microsoft Corporation) C:\windows\system32\profext.dll
2020-03-11 08:13 - 2020-02-08 17:35 - 000210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\netprofm.dll
2020-03-11 08:13 - 2020-02-08 17:35 - 000046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\profext.dll
2020-03-11 08:13 - 2020-02-08 17:28 - 000266752 _____ (Microsoft Corporation) C:\windows\system32\netman.dll
2020-03-11 08:13 - 2020-02-07 19:46 - 000784896 _____ (Microsoft Corporation) C:\windows\system32\lpksetup.exe
2020-03-11 08:13 - 2020-02-07 19:15 - 000787456 _____ (Microsoft Corporation) C:\windows\system32\WorkfoldersControl.dll
2020-03-11 08:13 - 2020-02-07 19:02 - 000229888 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll
2020-03-11 08:13 - 2020-02-07 18:32 - 001680896 _____ (Microsoft Corporation) C:\windows\system32\workfolderssvc.dll
2020-03-11 08:13 - 2020-02-05 15:38 - 000205824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys
2020-03-11 08:13 - 2020-02-05 15:38 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2020-03-11 08:13 - 2020-02-05 15:20 - 001544888 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2020-03-11 08:13 - 2020-02-01 18:36 - 000377344 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2020-03-11 08:13 - 2020-02-01 18:07 - 000319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2020-03-11 08:13 - 2020-02-01 17:57 - 000845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2020-03-11 08:13 - 2020-02-01 17:56 - 001080320 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2020-03-11 08:13 - 2020-02-01 17:48 - 000422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2020-03-11 08:13 - 2020-02-01 17:44 - 000429568 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2020-03-11 08:13 - 2020-02-01 17:36 - 000542720 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2020-03-11 08:13 - 2020-02-01 17:34 - 000272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2020-03-11 08:13 - 2020-02-01 17:33 - 000713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2020-03-11 08:13 - 2020-02-01 17:24 - 000562176 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2020-03-11 08:13 - 2020-01-28 20:53 - 001349120 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentServer.dll
2020-03-11 08:13 - 2020-01-28 20:47 - 000955904 _____ (Microsoft Corporation) C:\windows\system32\AppXDeploymentExtensions.dll
2020-03-11 08:13 - 2020-01-14 22:05 - 000101832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2020-03-11 08:08 - 2020-02-13 07:03 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2020-03-11 08:08 - 2020-02-13 06:06 - 000129536 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2020-03-09 17:15 - 2020-03-09 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2020-03-07 19:08 - 2020-03-06 16:38 - 000368056 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2020-03-06 16:49 - 2020-03-06 16:49 - 000001208 _____ C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-03-06 16:38 - 2020-03-06 16:38 - 000235184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2020-03-06 16:38 - 2020-03-06 16:38 - 000175400 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-18 11:02 - 2016-11-21 16:41 - 000000000 ____D C:\Users\Jindřich\AppData\LocalLow\Mozilla
2020-03-18 08:49 - 2015-09-11 11:37 - 000003600 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3058634117-4252258037-3257375764-1001
2020-03-18 08:31 - 2015-02-09 18:50 - 001007356 _____ C:\windows\system32\perfh005.dat
2020-03-18 08:31 - 2015-02-09 18:50 - 000236124 _____ C:\windows\system32\perfc005.dat
2020-03-18 08:31 - 2014-03-18 10:53 - 000005848 _____ C:\windows\system32\PerfStringBackup.INI
2020-03-18 07:59 - 2019-03-04 09:47 - 000004082 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1551689268
2020-03-18 07:59 - 2019-01-15 14:19 - 000004534 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-03-18 07:59 - 2017-10-25 08:43 - 000003870 _____ C:\windows\system32\Tasks\CCleaner Update
2020-03-18 07:59 - 2017-09-26 21:16 - 000002796 _____ C:\windows\system32\Tasks\CCleanerSkipUAC
2020-03-18 07:59 - 2015-12-03 23:41 - 000000000 ____D C:\windows\system32\Tasks\AVAST Software
2020-03-18 07:41 - 2018-04-16 12:34 - 000000000 ____D C:\Users\Jindřich\AppData\Local\AVAST Software
2020-03-18 07:40 - 2015-09-11 11:38 - 000000000 ___DO C:\Users\Jindřich\OneDrive
2020-03-18 07:39 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2020-03-18 07:39 - 2013-08-22 14:25 - 000524288 ___SH C:\windows\system32\config\BBI
2020-03-18 07:38 - 2015-02-09 18:19 - 000000000 ____D C:\windows\system32\Tasks\Lenovo
2020-03-18 07:33 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2020-03-17 20:56 - 2015-02-09 18:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2020-03-17 20:53 - 2020-01-28 16:43 - 000000000 ____D C:\Users\Jindřich\Downloads\Ford V Ferrari (2019) [1080p] [WEBRip] [5.1] [YTS.LT]
2020-03-17 20:53 - 2016-01-25 19:47 - 002551296 ___SH C:\Users\Jindřich\Downloads\Thumbs.db
2020-03-17 20:15 - 2017-10-10 11:18 - 000000000 ____D C:\Program Files\trend micro
2020-03-17 16:19 - 2015-09-11 11:31 - 000000000 ____D C:\Users\Jindřich
2020-03-17 13:45 - 2015-09-11 11:32 - 000000000 ____D C:\Users\Jindřich\AppData\Local\Packages
2020-03-17 08:44 - 2018-07-28 15:19 - 000000000 ____D C:\Users\Jindřich\AppData\Local\CrashDumps
2020-03-17 08:28 - 2015-09-11 12:06 - 000000000 ____D C:\Users\Jindřich\AppData\Roaming\uTorrent
2020-03-17 08:27 - 2015-09-11 12:35 - 000004374 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater
2020-03-17 08:27 - 2015-09-11 12:34 - 000000000 ____D C:\Users\Jindřich\AppData\Local\Adobe
2020-03-17 08:27 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2020-03-17 08:27 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\Macromed
2020-03-16 18:21 - 2019-03-22 17:15 - 000000000 ____D C:\Users\Jindřich\AppData\Local\BitTorrentHelper
2020-03-16 11:21 - 2017-02-27 19:42 - 000000000 ____D C:\Users\Jindřich\AppData\Local\ElevatedDiagnostics
2020-03-13 16:15 - 2020-01-05 12:40 - 000000000 ____D C:\Users\Jindřich\AppData\LocalLow\uTorrent
2020-03-13 08:32 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2020-03-12 20:31 - 2015-09-11 12:14 - 000001649 _____ C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-03-12 20:31 - 2015-09-11 11:43 - 000000000 ____D C:\Users\Jindřich\Programy
2020-03-12 19:58 - 2013-08-22 15:44 - 000494536 _____ C:\windows\system32\FNTCACHE.DAT
2020-03-12 19:57 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\setup
2020-03-12 19:57 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2020-03-11 16:37 - 2015-09-12 15:10 - 000000000 ____D C:\windows\system32\MRT
2020-03-11 16:34 - 2015-09-12 15:10 - 121542864 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2020-03-11 15:09 - 2016-03-19 19:11 - 000458584 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2020-03-11 12:37 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2020-03-11 08:07 - 2020-01-16 13:24 - 000774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2020-03-11 08:07 - 2020-01-16 13:24 - 000699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2020-03-11 08:07 - 2020-01-16 13:24 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2020-03-09 17:15 - 2017-09-26 17:00 - 000000000 ____D C:\ProgramData\Hotspot Shield
2020-03-09 17:15 - 2017-09-26 17:00 - 000000000 ____D C:\Program Files (x86)\Hotspot Shield
2020-03-09 17:15 - 2015-02-09 18:01 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-07 19:09 - 2017-03-03 22:00 - 000003910 _____ C:\windows\system32\Tasks\Avast Emergency Update
2020-03-06 16:38 - 2019-02-19 22:11 - 000279360 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2020-03-06 16:38 - 2019-01-21 15:02 - 000271120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2020-03-06 16:38 - 2019-01-17 20:57 - 000206608 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2020-03-06 16:38 - 2019-01-17 20:57 - 000064272 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2020-03-06 16:38 - 2019-01-17 20:57 - 000037864 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2020-03-06 16:38 - 2018-10-24 21:20 - 000042976 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2020-03-06 16:38 - 2017-11-09 22:03 - 000205576 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000848672 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000316256 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000110560 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2020-03-06 16:38 - 2016-03-19 19:11 - 000084056 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2020-03-06 16:38 - 2015-09-11 11:56 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-02-18 18:24 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\SecureBootUpdates

==================== Files in the root of some directories ========

2017-01-02 23:48 - 2017-01-02 23:48 - 000054272 _____ () C:\Users\Jindřich\AppData\Roaming\ApplicationHosting.dat
2015-10-16 13:49 - 2015-10-16 13:49 - 000000238 _____ () C:\Users\Jindřich\AppData\Roaming\del.bat
2017-01-02 23:48 - 2017-01-02 23:48 - 000126464 _____ () C:\Users\Jindřich\AppData\Roaming\lobby.dat
2017-01-02 23:48 - 2017-01-02 23:48 - 001907416 _____ () C:\Users\Jindřich\AppData\Roaming\Newdex.tst
2017-01-02 23:48 - 2017-01-02 23:48 - 000072787 _____ () C:\Users\Jindřich\AppData\Roaming\StimQuosoft.tst
2018-09-14 16:04 - 2018-09-14 16:04 - 000000000 _____ () C:\Users\Jindřich\AppData\Local\{AE246800-BBED-4280-819C-23B2D620E266}
2018-09-14 16:06 - 2018-09-14 16:07 - 000000000 _____ () C:\Users\Jindřich\AppData\Local\{CB265A8B-4A72-448C-8755-7CA49B4E330D}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-03-16 07:27
==================== End of FRST.txt ========================
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#11 Příspěvek od Šmíďák »

ADDITION


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Jindřich (18-03-2020 11:02:57)
Running from C:\Users\Jindřich\Desktop
Windows 8.1 (Update) (X64) (2015-09-11 10:32:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3058634117-4252258037-3257375764-500 - Administrator - Disabled)
Guest (S-1-5-21-3058634117-4252258037-3257375764-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3058634117-4252258037-3257375764-1003 - Limited - Enabled)
Jindřich (S-1-5-21-3058634117-4252258037-3257375764-1001 - Administrator - Enabled) => C:\Users\Jindřich

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\uTorrent) (Version: 3.5.5.45608 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{0EBC740B-4363-489B-8C27-98CE0740BA19}) (Version: 18.2.4 - Hewlett-Packard) Hidden
Activision(R) (HKLM-x32\...\{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.4 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.344 - Adobe)
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AzwSoft Adobe PDF DRM Removal 8.1.4 (HKLM-x32\...\{EC5DDCE3-100B-4745-A240-8D299052401A}) (Version: 8.1.4 - AzwSoft)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
Burnout Paradise Ultimate Box version 1.00.00.1 (HKLM-x32\...\Burnout Paradise Ultimate Box_is1) (Version: 1.00.00.1 - Mr DJ)
Carmageddon (DOSBox 0.74 emulation) (HKLM-x32\...\Carmageddon (DOSBox 0.74 emulation)) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.10.0.0770 - Disc Soft Ltd)
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Diablo II (HKLM-x32\...\Diablo II) (Version: - )
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
GIMP 2.6.10 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Hotspot Shield 9.6.3 (HKLM-x32\...\{AF599C42-A2E5-4251-B7EE-4925E187DF0C}) (Version: 9.6.3.11497 - Pango Inc.) Hidden
Hotspot Shield 9.6.3 (HKLM-x32\...\{dcf15c0a-28c2-4a99-b0dc-5cb941523536}) (Version: 9.6.3.11497 - Pango Inc.)
Hotspot Shield 9.6.3 (HKLM-x32\...\HotspotShield) (Version: 9.6.3 - Pango Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 15.0.15309.1315 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM-x32\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJProMFPM125M126 (HKLM-x32\...\{824CF3E6-4809-47E8-AA39-C55FC380DDB7}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{99316707-3412-4DC8-952E-69632DBB58C6}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
InstallShieldHiRezCurrent (HKLM-x32\...\{9433FC1C-7405-433C-A26D-81076293BBCE}) (Version: 3.0.0.0 - Hi-Rez Studios)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) 4.0 (HKLM-x32\...\{96C730E4-F055-4118-BDF3-6E071763853C}) (Version: 3.0.1342.02 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
IrfanView 4.52 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.52 - Irfan Skiljan)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{E9325F15-6339-45E8-9DC4-C2D44B623039}) (Version: 2.5.1.0224 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.10181 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo Yoga 2 Demo (HKLM-x32\...\{03C682A4-05CD-4D22-B50A-B9C3C5F2B137}) (Version: 1.0.7 - Lenovo)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Mendeley Desktop 1.15.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.15.1 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.11929.20606 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Teams) (Version: 1.2.00.34161 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 40.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 cs)) (Version: 40.0.3 - Mozilla)
Mozilla Firefox 74.0 (x64 cs) (HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\Mozilla Firefox 74.0 (x64 cs)) (Version: 74.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3 - Mozilla)
Need for Speed Most Wanted (black edition) (HKLM-x32\...\Need for Speed Most Wanted (black edition)) (Version: 1.3 - Electronic Arts)
Nero 7 Ultra Edition (HKLM-x32\...\{293C9DF5-7669-4826-BBB2-E1F182D71029}) (Version: 7.02.8631 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11929.20606 - Microsoft Corporation) Hidden
PDFill FREE PDF Editor Basic (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 14.0 - PlotSoft LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.)
Re-Volt patch 12.07 (HKLM-x32\...\Re-Volt) (Version: patch 12.07 - )
RollerCoaster Tycoon Deluxe (HKLM-x32\...\{924EAD66-F854-4605-8493-696DD59A113B}) (Version: 1.00.000 - )
Split/Second (HKLM-x32\...\{28526951-55EF-4901-A0CA-B9AC966D1DD1}) (Version: 1.00.0000 - Disney Interactive Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.71 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.34161 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
TotalImageConverter (HKLM-x32\...\Total Image Converter_is1) (Version: 5.1 - Softplicity, Inc.)
TotalPDFConverter (HKLM-x32\...\Total PDF Converter_is1) (Version: 2.8 - Softplicity, Inc.)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2017-10-10] (LENOVO INC.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_2.0.1.63_x64__6dqnvyezrysvy [2017-10-10] (Dailymotion SA)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-10-10] (Evernote)
HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_55.1.43.0_x86__v10z8vjag6ke6 [2017-10-10] (Hewlett-Packard Company)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2017-10-10] (FilmOn TV Inc.)
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2018-04-03] (McAfee_Inc)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-10-10] (Skype) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2017-10-10] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2017-10-10] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-10-10] (Microsoft Corporation) [MS Ad]
Yoga Camera Man -> C:\Program Files\WindowsApps\E0469640.YogaCameraMan_1.0.1929.30228_x86__5grkq8ppsgwt4 [2017-10-10] (LENOVO INC)
Yoga Phone Companion -> C:\Program Files\WindowsApps\E0469640.YogaPhoneCompanion_1.1.9.4_x64__5grkq8ppsgwt4 [2017-10-10] (LENOVO INC)
Yoga Picks -> C:\Program Files\WindowsApps\E0469640.YogaPicks_1.6.14.521_x64__5grkq8ppsgwt4 [2017-10-10] (LENOVO INC)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-10-10] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Jindřich\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\Jindřich\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19317.2\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Users\Jindřich\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-05-04] (Nero AG -> Nero AG)
ContextMenuHandlers1: [TotalConverter] -> {280CFDE1-1354-4431-92F3-03073BA593FB} => C:\Users\Jindřich\Programy\TotalImageConverter\axTotalConverter64.dll [2014-03-14] (Softplicity) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Users\Jindřich\Programy\DAEMON Tools Lite\dtshl64.dll [2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Users\Jindřich\Programy\DAEMON Tools Lite\dtshl64.dll [2019-03-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-10] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-03-06] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Users\Jindřich\Programy\Winrar\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
HKLM\...\Drivers32: [vidc.iv50] => C:\windows\SysWOW64\ir50_32original.dll [746496 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [msacm.iac2] => C:\windows\SysWOW64\iac25_32.ax [197632 2013-08-22] (Microsoft Windows -> Intel Corporation)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\IR41_32.AX [8704 2014-10-29] (Microsoft Windows -> Microsoft Corporation)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2009-09-16 17:44 - 2009-09-16 17:44 - 000153088 _____ (Hewlett Packard) [File not signed] C:\windows\System32\hptcpmib.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000331264 _____ (Hewlett Packard) [File not signed] C:\windows\System32\HpTcpMon.dll
2009-09-16 10:44 - 2009-09-16 10:44 - 000132096 _____ (Hewlett Packard) [File not signed] C:\windows\System32\hpzjrd01.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000041472 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPHTTPProxy.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000073728 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPTools.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 001222656 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\LEDMXMLObjects.dll
2015-10-04 11:49 - 2015-08-25 17:24 - 000100352 _____ (Hi-Rez Studios Inc.) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\HirezUtils.dll
2014-06-24 23:31 - 2014-06-24 23:31 - 000034816 _____ (HP) [File not signed] C:\Program Files (x86)\HP\HPLaserJetService\HPServiceCommunicator.dll
2014-03-26 18:22 - 2014-03-26 18:22 - 000523264 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2014-03-26 18:22 - 2014-03-26 18:22 - 000297984 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2009-09-16 17:45 - 2009-09-16 17:45 - 000317440 _____ (Microsoft Corporation) [File not signed] C:\windows\System32\HPTcpMUI.dll
2015-10-04 11:49 - 2015-09-02 12:36 - 000032256 _____ (Microsoft) [File not signed] C:\Program Files (x86)\Hi-Rez Studios\PatcherData.dll
2016-09-19 16:54 - 2014-03-14 08:25 - 003853824 _____ (Softplicity) [File not signed] C:\Users\Jindřich\Programy\TotalImageConverter\axTotalConverter64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2020-03-17 20:15 - 000000061 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Lenovo\Motion Control\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jindřich\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\StartupApproved\Run: => "World of Tanks"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B4C8B5AF-E534-4541-A01A-63AA6036703A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{061F7003-5323-4DCC-8752-E037D0B6D05A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{00226DF9-CED2-4DD2-811A-7486D3875CDA}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{85ACFC96-EFFF-41C3-8EE9-B79D55551C7E}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A8D579BC-2C63-4E8C-BA4E-76F4C47D23A5}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{4B9FD316-578D-4E45-90A4-BA76440965C3}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E1B27CD1-4322-469F-A42A-087529CBA825}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{A47D1277-CC60-46C4-A61C-37468DDFBD72}] => (Allow) C:\Users\Jindřich\Programy\Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D1644589-E39A-4ED6-8582-B7D5CE0659F2}] => (Allow) C:\Users\Jindřich\Programy\Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F1C7C2F3-1175-4849-82F7-97D74E1726FD}] => (Allow) C:\Users\Jindřich\Programy\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{6E664004-3167-4038-935D-96C7093619E0}] => (Allow) C:\Users\Jindřich\Programy\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{CA2DD3B3-A079-43F2-A39A-FCBCF175BD40}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{55C74A9B-18CA-4C17-A7D1-38F41C871888}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{92B53A1A-4D8C-42EC-81AC-25146194A207}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3F79E5CF-6EC3-4566-B52C-B9BF95F4D217}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E3D967A2-7E47-4039-A4D8-A8FF5007513C}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{779C596C-221B-449D-A554-D0DBCD2ECB1F}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BB3FCDA0-DD30-4950-83B6-3274E7D21C3B}] => (Allow) C:\Users\Jindřich\Saved Games\Split Second\SplitSecond.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{76F0F054-494C-48BC-BF3C-B8D0455B477A}] => (Allow) C:\Users\Jindřich\Saved Games\Split Second\SplitSecond.exe (Disney Interactive Studios) [File not signed]
FirewallRules: [{0F18D018-F1D0-4EF6-9B83-3D8BB7B6D2AF}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{68389727-6990-4479-AE96-94638E007C9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3A240BD7-2591-4F70-A246-FBD86990CD11}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{EE27C654-4955-450A-B1A4-C8EFB5332E7F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [TCP Query User{DB0C208D-80C0-4605-9DEE-C315EC82382F}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{2A3038B9-72E0-40FE-BFB5-1F3886F21049}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{AC6A1170-0CF5-4C4C-8FF9-EF1D7CA59099}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{27ADFC77-AEEA-454F-A356-BC5018DA7081}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E4A7B798-C944-4933-BEAD-E401EA25FF1D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE8B75E6-BA90-458F-900B-7BE818F47889}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B45A0027-76ED-4230-B0BC-5455675AC674}] => (Allow) C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{C86C3314-CC6B-4AA7-9649-D4D628A214DB}] => (Allow) C:\Users\Patejl\Programy\Tunngle\TnglCtrl.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{A72BDB3B-4973-4F28-ACF9-3112887BBA93}] => (Allow) C:\Users\Patejl\Programy\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [{376DB867-25D8-4B28-BA65-21CAEB602CF1}] => (Allow) C:\Users\Patejl\Programy\Tunngle\Tunngle.exe (Tunngle.net GmbH -> Tunngle.net GmbH) [File not signed]
FirewallRules: [TCP Query User{77CF9063-D9E5-4BE7-930A-CB5A10EA6AED}C:\users\jindřich\programy\firefox\firefox.exe] => (Allow) C:\users\jindřich\programy\firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{91B317CB-587A-41E0-87E6-0D2907F02FA7}C:\users\jindřich\programy\firefox\firefox.exe] => (Allow) C:\users\jindřich\programy\firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B1010F6C-CA7E-42BD-AFF3-5D7E05E25182}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{530A9642-04EE-490E-8000-1E63366DA8A6}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\c65448bc-e467-4ec7-b4a5-246697f52957\Installer\hpbcsiInstaller.exe (Hewlett-Packard Company -> Hewlett-Packard Company)
FirewallRules: [{93CD314C-B2C3-452A-A022-F940EAE4EB71}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{09D8EE46-0086-4E1B-85A6-BEDEB20393CA}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe (VistaName -> Hewlett-Packard Co.) [File not signed]
FirewallRules: [{55426309-710D-4D1E-AEDD-733D49F8A38B}] => (Allow) C:\Users\Jindřich\Saved Games\Blur\Blur.exe () [File not signed]
FirewallRules: [{D3B27E51-F56D-4E94-B7EF-A26EC3ECA2AD}] => (Allow) C:\Users\Jindřich\Saved Games\Blur\Blur.exe () [File not signed]
FirewallRules: [{8AE959FB-3C00-4FE3-BA49-008408A92912}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5ECF4C2B-1C0C-401B-971B-8952F6360DFB}] => (Allow) C:\Users\Jindřich\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{7B4F780D-8656-4382-BF36-7F1F7696B576}C:\users\jindřich\saved games\blur\blur.exe] => (Allow) C:\users\jindřich\saved games\blur\blur.exe () [File not signed]
FirewallRules: [UDP Query User{E68CCE4A-540C-4C20-BC50-9460166F77D3}C:\users\jindřich\saved games\blur\blur.exe] => (Allow) C:\users\jindřich\saved games\blur\blur.exe () [File not signed]
FirewallRules: [{5AC2E570-8BD1-4BB0-AA66-B3F77A0959B0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0BE8BBF5-5E95-45C2-9276-6EEEBE63278A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{90020B76-0589-4354-8FCF-DE1E43A79824}] => (Allow) C:\Users\Jindřich\Programy\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [TCP Query User{1D6AA93A-818B-4AB7-82FF-E8886EA11E66}C:\users\jindřich\saved games\need for speed most wanted\speed.exe] => (Allow) C:\users\jindřich\saved games\need for speed most wanted\speed.exe () [File not signed]
FirewallRules: [UDP Query User{9E148192-F319-4941-8903-49079C7A204C}C:\users\jindřich\saved games\need for speed most wanted\speed.exe] => (Allow) C:\users\jindřich\saved games\need for speed most wanted\speed.exe () [File not signed]
FirewallRules: [{F47141F8-4843-424A-82C7-E63F7DB409F4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0425863C-63E9-4F22-A22E-29B4D978AF67}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EE153F77-F913-42CE-858B-BB1109609807}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2974F89-04E5-4532-BCDC-DAE3A39375DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{64C7B697-05D4-4112-8069-9409C7AA0B24}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{58AE29BC-293A-4A52-97E2-01A0421D2295}C:\program files\microsoft office\root\office16\lync.exe] => (Allow) C:\program files\microsoft office\root\office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-03-2020 20:55:52 AdwCleaner_BeforeCleaning_17/03/2020_20:55:52
18-03-2020 07:37:54 Restore Point Created by FRST

==================== Faulty Device Manager Devices ============

Name: Dotyková obrazovka standardu HID
Description: Dotyková obrazovka standardu HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standardní systémová zařízení)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/18/2020 08:31:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/18/2020 08:31:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/18/2020 08:31:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/18/2020 07:45:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (03/18/2020 07:45:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/18/2020 07:45:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (03/18/2020 07:37:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {caa31341-0b7f-4741-b409-e645a0555e9d}

Error: (03/18/2020 07:36:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (03/18/2020 07:40:23 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\windows\AppCompat\Programs\Amcache.hve

Error: (03/18/2020 07:40:22 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Hotspot Shield Service 9.6.3 přestala během spouštění reagovat.

Error: (03/18/2020 07:38:58 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/18/2020 07:38:58 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/18/2020 07:38:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\windows\System32\IWMSSvc.dll

Error: (03/18/2020 07:38:22 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (03/18/2020 07:37:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Hotspot Shield Service 9.6.3 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/18/2020 07:37:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Rapid Storage Technology byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2016-03-18 14:48:12.287
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {98F199DA-C244-4ADB-B38E-803D9BF3B0B5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-18 14:32:57.624
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {947BAB98-70A0-45AB-9CF3-791AA13AEA68}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-16 16:56:26.225
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {7654086C-13DB-46AE-9442-47A0BF79CCFD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-15 18:57:16.930
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8848F556-C120-43AA-8C99-003C4499425C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-15 16:55:56.505
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CD83A9D7-9295-4CCF-B744-29D35C65E2F8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2016-03-15 19:54:07.496
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 115.40.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.11804.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-03-15 19:54:07.491
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.215.1603.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12505.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-03-15 19:54:07.491
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.215.1603.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12505.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2016-03-15 19:54:07.472
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.215.1603.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12505.0
Kód chyby: 0x8024402c
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2016-03-15 19:07:16.940
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 115.40.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.11804.0
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2018-08-05 19:19:04.338
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:03.854
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:03.367
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:02.881
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:02.400
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:01.913
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:01.368
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 19:19:00.861
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: LENOVO 96CN29WW(V1.15) 10/16/2014
Motherboard: LENOVO INVALID
Processor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Percentage of memory in use: 27%
Total physical RAM: 8112.96 MB
Available physical RAM: 5917.64 MB
Total Virtual: 13744.96 MB
Available Virtual: 11222.63 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:197.8 GB) (Free:82.76 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.53 GB) NTFS
Drive e: (RCT_DELUXE) (CDROM) (Total:0.49 GB) (Free:0 GB) CDFS
Drive g: (My Passport) (Fixed) (Total:1862.98 GB) (Free:473.45 GB) NTFS

\\?\Volume{8cee2ca3-2508-4353-b1c9-83c25eff861f}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{20b373c0-f81d-472c-884c-a02b6cd84344}\ (PBR_DRV) (Fixed) (Total:13.34 GB) (Free:3.13 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 89EB774A)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: B152C314)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#12 Příspěvek od Šmíďák »

Tak stále se objeví chvíle, kdy to vypadá, jako kdyby kleslo fps tak na hodnotu 10
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Pomalý ntb

#13 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {1f44216f-3da3-11e9-83a9-00090ffe0001} - "E:\Autorun.exe"

EmptyTemp:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
Uživatelský avatar
Šmíďák
Návštěvník
Návštěvník
Příspěvky: 149
Registrován: 15 říj 2012 13:42
Bydliště: Brno

Re: Pomalý ntb

#14 Příspěvek od Šmíďák »

Fix result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
Ran by Jindřich (19-03-2020 14:59:41) Run:2
Running from C:\Users\Jindřich\Desktop
Loaded Profiles: Jindřich (Available Profiles: Jindřich)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\...\MountPoints2: {1f44216f-3da3-11e9-83a9-00090ffe0001} - "E:\Autorun.exe"

EmptyTemp:
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKU\S-1-5-21-3058634117-4252258037-3257375764-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1f44216f-3da3-11e9-83a9-00090ffe0001} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12676254 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 268755 B
Edge => 0 B
Chrome => 11939058 B
Firefox => 1186865321 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 952 B
NetworkService => 952 B
Jindřich => 14569951 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:59:59 ====
Nahoru
Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:
Kontaktovat uživatele Diallix

Re: Pomalý ntb

#15 Příspěvek od Diallix »

Ako je na tom pocitac?
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“