Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Lenovo (27-09-2020 09:25:55)
Running from C:\Users\Lenovo\Desktop
Windows 10 Home Version 1903 18362.959 (X64) (2019-10-17 21:09:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-735095770-2984993922-1206481455-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-735095770-2984993922-1206481455-503 - Limited - Disabled)
Guest (S-1-5-21-735095770-2984993922-1206481455-501 - Limited - Disabled)
Lenovo (S-1-5-21-735095770-2984993922-1206481455-1000 - Administrator - Enabled) => C:\Users\Lenovo
WDAGUtilityAccount (S-1-5-21-735095770-2984993922-1206481455-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Reader X (10.1.16) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.7.2425 - Avast Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 85.0.5814.102 - Autoři prohlížeče Avast Secure Browser)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Management (HKLM-x32\...\{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo) Hidden
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 6.0.2.0 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 85.0.4183.121 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.6 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.1628 - CyberLink Corp.)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 85.0.564.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.33 - )
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{90120405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-735095770-2984993922-1206481455-1000\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{406C9ADB-1325-4FD0-9D13-C119CFF64E0A}) (Version: 2.65.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 81.0 (x64 cs) (HKLM\...\Mozilla Firefox 81.0 (x64 cs)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 81.0.0.7565 - Mozilla)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.7303 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21290 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 6.1.7600.10003 - Realtek Semiconductor Corp.)
Skype verze 8.42 (HKLM-x32\...\Skype_is1) (Version: 8.42 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Učitel psaní (HKLM-x32\...\UPsani) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
UserGuide (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo) Hidden
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.0.1224 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) (HKLM\...\EA12B1FB53CE4E387C31A85236C41EF559B5E392) (Version: 12/02/2010 6.1.0.1 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.175.200.0_x86__kgqvnymyfvs32 [2020-08-22] (king.com)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2006.41.0_x64__k1h2ywk1493x8 [2020-08-05] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-22] (Microsoft Studios) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-09] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-05-24] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-13] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-13] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\windows\system32\IcnOvrly.dll [2011-09-04] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-13] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [IkeyShlExt] -> {F1E551D1-822B-40e6-B4D8-A9B4A48AA07A} => C:\windows\system32\SimpleExt.dll [2011-09-04] (Lenovo (Beijing) Limited -> )
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2020-08-13] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-13] (CyberLink Corp.) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2011-09-04 08:12 - 2010-12-21 03:49 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2011-09-04 08:12 - 2010-12-21 03:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2011-09-04 08:37 - 2011-09-04 08:37 - 000958464 _____ (Lenovo) [File not signed] C:\Program Files (x86)\Lenovo\VeriFace\Czech\TimeLockRes.dll
2011-09-04 08:37 - 2011-09-04 08:37 - 002406912 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\VeriFace\MFC80UD.DLL
2011-09-04 08:37 - 2011-09-04 08:37 - 001175552 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\VeriFace\MSVCR80D.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0E08FC17 [100]
AlternateDataStreams: C:\ProgramData\Temp:BC359956 [234]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-735095770-2984993922-1206481455-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-735095770-2984993922-1206481455-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-735095770-2984993922-1206481455-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-735095770-2984993922-1206481455-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-735095770-2984993922-1206481455-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2019-01-05 08:05 - 000000833 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-735095770-2984993922-1206481455-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo_1\Lenovo_11.jpg
DNS Servers: 192.168.5.1 - 10.10.10.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5C2F063A-5403-41FC-800F-73EEB7F02A90}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4A07C19-43DE-4B05-B010-DC66606E4A65}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{89C39E20-0B68-4945-AB8F-9DAA4BC7CF69}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe => No File
FirewallRules: [{2A15E957-8605-45DD-B95E-DBA43FA48E1C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe => No File
FirewallRules: [{98DC120F-5B5B-41A3-BA71-3298C88DA9C3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2F332B31-82FB-4E28-8831-2DE96313E7B5}] => (Allow) LPort=2869
FirewallRules: [{250D328E-F4CE-43BB-A892-79881CA3FCF9}] => (Allow) LPort=1900
FirewallRules: [{7A6791DE-8DFB-41B7-BBBD-3F9E5C11E90A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52B91A8D-FB41-471F-A18B-7DCF46B48A96}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E385398F-1CF2-4B88-B049-BD0F4BBF52B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{44EC5ED1-2FD4-45CE-BD27-55BB5116AA27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{03400D47-A308-42EF-8F29-380F2D80B544}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{37C772FC-EBDE-4298-900E-7B61132737A8}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{16B6BEB3-07C4-41D2-B2D6-2BEA5B4E2A90}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A305F3AC-B6F9-4AC2-9B4B-1E6471D1C14A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A53483E4-7921-4883-8CF1-1961D278DB08}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5977AC76-02D4-483B-AB40-34D7CDDAE176}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A9566FB7-D814-460A-87D2-F7FA076202A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E454D12-D815-4D76-ACD0-E4E557565CCD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{64FA54B7-23F0-40B5-8FB6-636F73B0589F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B7C46012-FAA5-40B5-9F6D-18497B4AF328}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{88093E6B-6977-4358-8283-D49A1EBFABAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{21870647-18C1-439A-B8EF-C44DDF38C068}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{516CBBF2-821A-42BF-B34A-3CA50316E82A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E9D71250-37C9-4FEB-9607-7142B8F22799}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.80.474.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{43437148-7A44-4172-B1E4-AE69FC80B5FD}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{9B5472DD-CD94-4691-A860-36F3CB1BC9EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{119F5069-63EB-44EE-9991-ACE5144102CD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{04A1D182-232D-41F0-82BF-C73AB99899A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99550AA6-B2F4-4F8A-BE83-BE1B4CAD0FD7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{896801BA-889C-48A2-AAFD-EAF9B0C2F5B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
15-09-2020 07:42:55 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/27/2020 09:20:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1040,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (09/27/2020 09:18:48 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/27/2020 09:09:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4844,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (09/27/2020 09:01:08 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2976,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (09/27/2020 08:36:02 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8528,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (09/27/2020 08:21:50 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7704,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (09/27/2020 08:19:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. Zadaný účet již existuje.
Error: (09/27/2020 08:15:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2152,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (09/27/2020 07:33:00 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/27/2020 07:18:46 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/26/2020 08:12:25 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/26/2020 08:10:24 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {E60687F7-01A1-40AA-86AC-DB1CBF673334} se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/26/2020 07:58:41 AM) (Source: DCOM) (EventID: 10029) (User: NT AUTHORITY)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.
Error: (09/26/2020 07:48:47 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (09/26/2020 07:29:35 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.
Error: (09/26/2020 07:20:03 AM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: Server Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
===================================
Date: 2020-03-04 07:37:34.020
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {EBA7855B-7E37-4A4D-BFBA-ACA64C5D1DC8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-02-25 08:11:54.349
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6298C71C-8C93-4558-B81A-AF56CB567C12}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-31 10:00:58.297
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {74A78A43-B4A2-458C-9E17-4EF49C18EC6F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-23 07:55:31.148
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {3057DE43-181B-4F9E-A15E-7250A114DBEF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-20 07:45:52.320
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {93DF37F9-DE73-40AE-99D0-22E73796FED1}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-16 08:56:44.655
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Nespecifikovaná chyba
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
Date: 2020-03-15 08:18:11.271
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.1239.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80070102
Error description: Vypršel časový limit operace čekání.
Date: 2020-03-10 07:44:04.345
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.311.889.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16800.2
Error code: 0x80240022
Error description: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2020-02-20 08:28:20.803
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.309.1333.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16700.3
Error code: 0x80240016
Error description: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2020-02-02 07:53:38.168
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.2794.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2020-09-27 08:53:24.016
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:24.002
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:22.634
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:22.628
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:22.363
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:21.291
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:21.286
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-09-27 08:53:21.281
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 40CN25WW(V2.11) 07/29/2011
Motherboard: LENOVO Base Board Product Name
Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 83%
Total physical RAM: 4039.86 MB
Available physical RAM: 651.62 MB
Total Virtual: 8135.86 MB
Available Virtual: 4151.13 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:421.81 GB) (Free:339.99 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:29 GB) (Free:26.86 GB) NTFS
\\?\Volume{479f53c6-d6ba-11e0-b48c-806e6f6e6963}\ () (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 30F434F0)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=421.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=29 GB) - (Type=0F Extended)
Partition 4: (Not Active) - (Size=14.8 GB) - (Type=12)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Zdravím!
Dodejte ještě log FRST. Je v souboru frst.txt na ploše. Toto je pouze Addition.
Dodejte ještě log FRST. Je v souboru frst.txt na ploše. Toto je pouze Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-09-2020
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO 20079) (27-09-2020 09:19:00)
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Platform: Windows 10 Home Version 1903 18362.959 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\20.143.0716.0003\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Sun Microsystems, Inc. -> Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-09-04] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-09-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-09-04] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-735095770-2984993922-1206481455-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-03-26] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\Installer\chrmstp.exe [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{7C2CDE72-05FD-4829-980A-EFBAD05B7697}] -> C:\WINDOWS\system32\ImageReog.dll [2011-09-04] (Lenovo (Beijing) Limited -> Lenovo)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04630E00-141D-49D9-8347-3D24E736E5BD} - System32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.59.106/cs/abandoninstall?page=tsBing
Task: {0ACC4937-3CF3-41A7-A6E5-41E5615F7F75} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0AF491A5-F6B2-455F-9958-4426D92FC7A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0C8358AF-629D-489A-921C-1C25A57D8F8F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0F23D586-8137-4801-AE5E-FD2C51295447} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10284D62-31F7-458F-B7ED-CF363408A4FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {12AC6AEC-A533-4A11-BAD5-B8CA62A6FA5B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BD9EB1F-7844-41F2-B7EB-DE63FA28113F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {1E384FA0-DE61-4C21-B636-67172B21487B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {21BA82B3-DBD4-4D20-9C14-3C8F1BC41C80} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {277A6D36-C915-482A-8ECC-26E325A48DAD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2CA3A7BF-44F2-42DF-BB64-99E8AFE36BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2D659FC5-6D0B-4041-98AB-E67BD3BDDABB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2DB9F9D3-E62E-487C-A088-1D532C94931F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3017BDE4-0A1E-47B5-B4DD-507F73D8BBAC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
Task: {3319157C-A310-4BAC-B09B-77BC59B13A3E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {39A22C17-6EA9-4D66-A2DE-D3F9889C86D4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {3B692BB0-1310-466E-B780-24A4EC616A7C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40EA8C75-9352-4F4B-A4C4-8FD3C567AE28} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {42C8D8EC-0AFB-4944-87A8-1D3047432B26} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {468935F4-EAA4-4D26-AA10-5CDF89B56397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46D26C61-9AF4-4438-93C4-9EE3A3E29A93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CB3264B-6C36-4322-831B-074786F7F415} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4E1BBBAB-FF5B-4C07-95B1-C6700DF7CD96} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {536E20E8-F905-4F2E-9DEE-BFCEDAFFE6F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3810408 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
Task: {5A14731C-FB07-455B-B724-7FCAF1632DC7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BC98DF3-7FA0-4DC1-8AC3-C5121171256D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5F0E8798-82C2-458C-A062-DBF1075CB105} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {61596036-DFC4-4517-81ED-3E5DA9102827} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D55D317-E80F-422C-877D-24D4B55A9799} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {72C92ABF-4FF0-45B8-B325-BDDBFE04CD11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76D84E7B-E0BD-4CF8-873A-CD0FDA50D737} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7743FB36-BD53-41D6-A5C6-6FE5DF699E2C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {7B5E0CDD-8E73-4844-9AB3-CD5C8C7ADA83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {82813FA8-622D-41BA-9AB9-A8C68E8A9F86} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {876C6E91-EFC7-4667-9DEB-37A26A36BF20} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D270BC4-8031-46D2-9FE4-31B8DD1250A5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9233FFAA-025E-44D6-B647-B3892F860F61} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {A4583F85-14ED-41D0-BFB5-39E69B93BA4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB75894C-7E83-4AC3-8126-3C5EC4E6C71D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE10B37A-1CED-417D-A2D4-9DF91CE55F12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3147417-61AA-4F0B-A82E-8DC90A083ADC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB2B5DD8-7674-4A15-98D2-F49CECA9873B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C395FE47-6290-4755-9420-73F4EA88BEDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C7D31CA6-0A6F-43DB-BCCC-694A57733E5F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCA3F574-FD28-4A60-8F0C-9834343F806E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D2C7D809-B748-42F7-B7CC-096160423584} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3A96DA0-C6DF-421A-A2AC-CC775D1CD0CD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {D774B438-842A-45C7-8971-DC8C12EA7C2D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D8C79DA3-8AF7-4B6A-859B-A531A351B6DB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DC249AF5-4DBA-4355-A319-9FC2E3161621} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {DEE00BAE-7C30-4BB8-B253-332E85D60EAA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-12] (Adobe Inc. -> Adobe)
Task: {EBF9F456-E695-4AC7-BB9C-0CE7899F3023} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {ECB449BA-26F7-41DC-9228-4B8462ABFA44} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F394590B-6CE4-426D-ACFE-26074E234183} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {F8E62CBD-2D74-4BC0-8FC5-B0C4D28BC964} - System32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {FC819596-D669-4AEB-B0AA-3F812A548C6F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 10.10.10.10 8.8.8.8
Tcpip\..\Interfaces\{b2ffd992-7762-4aca-8d92-1c8ca509d791}: [DhcpNameServer] 192.168.5.1 10.10.10.10 8.8.8.8
Tcpip\..\Interfaces\{e44b4c38-77b1-4b49-98af-a4ecb48fbc34}: [DhcpNameServer] 192.168.5.1 10.10.10.10 8.8.8.8
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-25]
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
FireFox:
========
FF DefaultProfile: 5hvwlvmm.default-1454680512609
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\iyc6j7n4.default-1441285981754 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5hvwlvmm.default-1454680512609 [2020-09-27]
FF Homepage: Mozilla\Firefox\Profiles\5hvwlvmm.default-1454680512609 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5hvwlvmm.default-1454680512609 -> hxxps://reflex.os.tc
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\b9vbvl6m.default-1447577149312 [2020-06-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\b9vbvl6m.default-1447577149312\Extensions\sp@avast.com.xpi [2019-03-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-09-27]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-14]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-14]
CHR Extension: (Tabulky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-25]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7776160 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [353696 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\elevation_service.exe [1080640 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175200 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [517592 2020-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-17] (Microsoft Corporation) [File not signed]
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-27 09:19 - 2020-09-27 09:22 - 000025698 _____ C:\Users\Lenovo\Desktop\FRST.txt
2020-09-27 09:17 - 2020-09-27 09:20 - 000000000 ____D C:\FRST
2020-09-27 09:15 - 2020-09-27 09:15 - 002013184 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST.exe
2020-09-27 09:13 - 2020-09-27 09:14 - 002299392 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2020-09-27 07:16 - 2020-09-27 07:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-26 07:42 - 2020-09-27 07:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-09-25 10:06 - 2020-09-25 10:06 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2020-09-23 06:47 - 2020-09-23 06:46 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp
2020-09-23 06:47 - 2020-09-23 06:45 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-23 06:47 - 2020-09-23 06:45 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp
2020-09-15 08:21 - 2020-09-15 08:21 - 000000000 ___HD C:\$WINDOWS.~BT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-27 09:23 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-27 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-27 08:53 - 2016-11-18 11:55 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2020-09-27 08:30 - 2020-06-06 07:17 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-27 08:30 - 2020-06-06 07:17 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-27 08:30 - 2019-10-17 23:07 - 000003816 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-27 08:30 - 2019-10-17 23:07 - 000003406 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-09-27 08:30 - 2019-10-17 23:07 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-27 08:30 - 2019-10-17 23:07 - 000003342 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{3834AFEF-A715-4DFB-AE5F-342AB2759A45}
2020-09-27 08:30 - 2019-10-17 23:07 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-27 08:30 - 2019-10-17 23:07 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-735095770-2984993922-1206481455-1000
2020-09-27 08:30 - 2019-10-17 23:07 - 000002240 _____ C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334}
2020-09-27 08:30 - 2019-10-17 23:07 - 000002114 _____ C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF}
2020-09-27 08:29 - 2019-10-17 23:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-09-27 07:32 - 2012-11-10 10:45 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-27 07:20 - 2018-04-05 07:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\AVAST Software
2020-09-27 07:18 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-27 07:17 - 2011-09-04 08:38 - 000000000 ____D C:\ProgramData\VeriFace
2020-09-27 07:16 - 2012-11-10 10:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-27 07:16 - 2011-12-01 12:22 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-27 07:04 - 2019-10-17 23:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-09-26 07:47 - 2020-06-06 07:18 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-26 07:47 - 2020-06-06 07:18 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-25 12:04 - 2019-10-17 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-25 11:38 - 2019-08-04 07:36 - 000000000 ___DC C:\WINDOWS\Panther
2020-09-24 07:06 - 2020-04-22 07:38 - 000517592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-09-23 07:08 - 2017-04-14 15:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 07:08 - 2017-04-14 15:22 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 06:55 - 2015-06-06 07:38 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-23 06:47 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-23 06:46 - 2019-01-10 08:10 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-23 06:46 - 2019-01-10 08:10 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-23 06:45 - 2020-03-12 08:43 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-23 06:45 - 2019-01-10 08:10 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-23 06:45 - 2018-11-23 08:15 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-09-23 06:45 - 2017-11-27 08:04 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-23 06:45 - 2015-06-06 07:38 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-23 06:45 - 2015-06-06 07:38 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-23 06:45 - 2011-12-01 10:31 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-23 06:44 - 2019-01-15 08:14 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-22 07:32 - 2018-04-05 07:14 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-22 07:32 - 2018-04-05 07:14 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-16 06:56 - 2011-09-04 08:46 - 000360333 _____ C:\WINDOWS\system32\fastboot.set
2020-09-16 06:53 - 2019-10-17 23:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-15 08:35 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-09-15 07:55 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-15 07:52 - 2016-05-24 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-15 07:44 - 2011-12-01 10:39 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-12 07:18 - 2020-06-13 18:06 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-12 07:18 - 2020-06-13 18:06 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-12 07:17 - 2020-03-13 08:24 - 006211640 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-09-12 07:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-12 07:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-09 07:17 - 2019-10-17 22:39 - 000002364 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-09 07:17 - 2016-05-24 17:14 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2020-08-29 07:05 - 2019-10-09 07:34 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-08-29 07:05 - 2016-07-16 07:07 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
==================== Files in the root of some directories ========
2015-06-06 08:23 - 2015-06-06 08:24 - 050063360 _____ () C:\Program Files (x86)\GUT94E0.tmp
2019-10-13 07:43 - 2019-10-13 07:43 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456}
2019-10-13 07:43 - 2019-10-13 07:43 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by Lenovo (administrator) on LENOVO-PC (LENOVO 20079) (27-09-2020 09:19:00)
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Platform: Windows 10 Home Version 1903 18362.959 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\20.143.0716.0003\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Sun Microsystems, Inc. -> Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [9753024 2011-09-04] (Lenovo (Beijing) Limited -> Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [5908928 2011-09-04] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [109160 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [561672 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2010-07-26] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2011-09-04] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-13] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-735095770-2984993922-1206481455-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53540200 2019-03-26] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\85.0.4183.121\Installer\chrmstp.exe [2020-09-23] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\Installer\chrmstp.exe [2020-09-22] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{7C2CDE72-05FD-4829-980A-EFBAD05B7697}] -> C:\WINDOWS\system32\ImageReog.dll [2011-09-04] (Lenovo (Beijing) Limited -> Lenovo)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04630E00-141D-49D9-8347-3D24E736E5BD} - System32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334} => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.59.106/cs/abandoninstall?page=tsBing
Task: {0ACC4937-3CF3-41A7-A6E5-41E5615F7F75} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0AF491A5-F6B2-455F-9958-4426D92FC7A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0C8358AF-629D-489A-921C-1C25A57D8F8F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0F23D586-8137-4801-AE5E-FD2C51295447} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10284D62-31F7-458F-B7ED-CF363408A4FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {12AC6AEC-A533-4A11-BAD5-B8CA62A6FA5B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1BD9EB1F-7844-41F2-B7EB-DE63FA28113F} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {1E384FA0-DE61-4C21-B636-67172B21487B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {21BA82B3-DBD4-4D20-9C14-3C8F1BC41C80} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {277A6D36-C915-482A-8ECC-26E325A48DAD} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {2CA3A7BF-44F2-42DF-BB64-99E8AFE36BEF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2D659FC5-6D0B-4041-98AB-E67BD3BDDABB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2DB9F9D3-E62E-487C-A088-1D532C94931F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3017BDE4-0A1E-47B5-B4DD-507F73D8BBAC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
Task: {3319157C-A310-4BAC-B09B-77BC59B13A3E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {39A22C17-6EA9-4D66-A2DE-D3F9889C86D4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {3B692BB0-1310-466E-B780-24A4EC616A7C} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40EA8C75-9352-4F4B-A4C4-8FD3C567AE28} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {42C8D8EC-0AFB-4944-87A8-1D3047432B26} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {468935F4-EAA4-4D26-AA10-5CDF89B56397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46D26C61-9AF4-4438-93C4-9EE3A3E29A93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4CB3264B-6C36-4322-831B-074786F7F415} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4E1BBBAB-FF5B-4C07-95B1-C6700DF7CD96} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {536E20E8-F905-4F2E-9DEE-BFCEDAFFE6F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3810408 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
Task: {5A14731C-FB07-455B-B724-7FCAF1632DC7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5BC98DF3-7FA0-4DC1-8AC3-C5121171256D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5F0E8798-82C2-458C-A062-DBF1075CB105} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {61596036-DFC4-4517-81ED-3E5DA9102827} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D55D317-E80F-422C-877D-24D4B55A9799} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {72C92ABF-4FF0-45B8-B325-BDDBFE04CD11} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {76D84E7B-E0BD-4CF8-873A-CD0FDA50D737} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7743FB36-BD53-41D6-A5C6-6FE5DF699E2C} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {7B5E0CDD-8E73-4844-9AB3-CD5C8C7ADA83} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {82813FA8-622D-41BA-9AB9-A8C68E8A9F86} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {876C6E91-EFC7-4667-9DEB-37A26A36BF20} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
Task: {8D270BC4-8031-46D2-9FE4-31B8DD1250A5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9233FFAA-025E-44D6-B647-B3892F860F61} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {A4583F85-14ED-41D0-BFB5-39E69B93BA4C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB75894C-7E83-4AC3-8126-3C5EC4E6C71D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE10B37A-1CED-417D-A2D4-9DF91CE55F12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B3147417-61AA-4F0B-A82E-8DC90A083ADC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB2B5DD8-7674-4A15-98D2-F49CECA9873B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C395FE47-6290-4755-9420-73F4EA88BEDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {C7D31CA6-0A6F-43DB-BCCC-694A57733E5F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CCA3F574-FD28-4A60-8F0C-9834343F806E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D2C7D809-B748-42F7-B7CC-096160423584} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D3A96DA0-C6DF-421A-A2AC-CC775D1CD0CD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1910664 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
Task: {D774B438-842A-45C7-8971-DC8C12EA7C2D} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {D8C79DA3-8AF7-4B6A-859B-A531A351B6DB} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DC249AF5-4DBA-4355-A319-9FC2E3161621} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {DEE00BAE-7C30-4BB8-B253-332E85D60EAA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-12] (Adobe Inc. -> Adobe)
Task: {EBF9F456-E695-4AC7-BB9C-0CE7899F3023} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {ECB449BA-26F7-41DC-9228-4B8462ABFA44} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F394590B-6CE4-426D-ACFE-26074E234183} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {F8E62CBD-2D74-4BC0-8FC5-B0C4D28BC964} - System32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF} => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {FC819596-D669-4AEB-B0AA-3F812A548C6F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 10.10.10.10 8.8.8.8
Tcpip\..\Interfaces\{b2ffd992-7762-4aca-8d92-1c8ca509d791}: [DhcpNameServer] 192.168.5.1 10.10.10.10 8.8.8.8
Tcpip\..\Interfaces\{e44b4c38-77b1-4b49-98af-a4ecb48fbc34}: [DhcpNameServer] 192.168.5.1 10.10.10.10 8.8.8.8
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2020-09-25]
Edge StartupUrls: Default -> "hxxp://seznam.cz/"
FireFox:
========
FF DefaultProfile: 5hvwlvmm.default-1454680512609
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\iyc6j7n4.default-1441285981754 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5hvwlvmm.default-1454680512609 [2020-09-27]
FF Homepage: Mozilla\Firefox\Profiles\5hvwlvmm.default-1454680512609 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\5hvwlvmm.default-1454680512609 -> hxxps://reflex.os.tc
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\b9vbvl6m.default-1447577149312 [2020-06-10]
FF Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\b9vbvl6m.default-1447577149312\Extensions\sp@avast.com.xpi [2019-03-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-12] (Adobe Inc. -> )
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-10-03] (Sun Microsystems, Inc.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-09-27]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Prezentace) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Dokumenty) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Disk Google) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-14]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-14]
CHR Extension: (Tabulky) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-25]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-12-25]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [81088 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-12] (Adobe Inc. -> Adobe)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7776160 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [353696 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\85.0.5814.102\elevation_service.exe [1080640 2020-09-09] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\NisSrv.exe [3285864 2020-03-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.10-0\MsMpEng.exe [103168 2020-03-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37136 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [206392 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [235584 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [195648 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [60480 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16824 2020-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42768 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175200 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [517592 2020-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [109272 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84848 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851600 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469880 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [217336 2020-08-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326408 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-17] (Microsoft Corporation) [File not signed]
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [802312 2015-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-03-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [376544 2020-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2020-03-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\System32\DRIVERS\wsvd.sys [121840 2009-07-21] (CyberLink -> CyberLink)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-27 09:19 - 2020-09-27 09:22 - 000025698 _____ C:\Users\Lenovo\Desktop\FRST.txt
2020-09-27 09:17 - 2020-09-27 09:20 - 000000000 ____D C:\FRST
2020-09-27 09:15 - 2020-09-27 09:15 - 002013184 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST.exe
2020-09-27 09:13 - 2020-09-27 09:14 - 002299392 _____ (Farbar) C:\Users\Lenovo\Desktop\FRST64.exe
2020-09-27 07:16 - 2020-09-27 07:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-09-26 07:42 - 2020-09-27 07:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-09-25 10:06 - 2020-09-25 10:06 - 000000000 ____D C:\Users\Lenovo\AppData\Local\D3DSCache
2020-09-23 06:47 - 2020-09-23 06:46 - 000217328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp
2020-09-23 06:47 - 2020-09-23 06:45 - 000338528 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-09-23 06:47 - 2020-09-23 06:45 - 000175192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp
2020-09-15 08:21 - 2020-09-15 08:21 - 000000000 ___HD C:\$WINDOWS.~BT
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-09-27 09:23 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-09-27 09:04 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-09-27 08:53 - 2016-11-18 11:55 - 000000000 ____D C:\Users\Lenovo\AppData\LocalLow\Mozilla
2020-09-27 08:30 - 2020-06-06 07:17 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-09-27 08:30 - 2020-06-06 07:17 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-09-27 08:30 - 2019-10-17 23:07 - 000003816 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-09-27 08:30 - 2019-10-17 23:07 - 000003406 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-09-27 08:30 - 2019-10-17 23:07 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-09-27 08:30 - 2019-10-17 23:07 - 000003342 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{3834AFEF-A715-4DFB-AE5F-342AB2759A45}
2020-09-27 08:30 - 2019-10-17 23:07 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-09-27 08:30 - 2019-10-17 23:07 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-735095770-2984993922-1206481455-1000
2020-09-27 08:30 - 2019-10-17 23:07 - 000002240 _____ C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334}
2020-09-27 08:30 - 2019-10-17 23:07 - 000002114 _____ C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF}
2020-09-27 08:29 - 2019-10-17 23:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-09-27 07:32 - 2012-11-10 10:45 - 000000000 ____D C:\ProgramData\Mozilla
2020-09-27 07:20 - 2018-04-05 07:13 - 000000000 ____D C:\Users\Lenovo\AppData\Local\AVAST Software
2020-09-27 07:18 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-09-27 07:17 - 2011-09-04 08:38 - 000000000 ____D C:\ProgramData\VeriFace
2020-09-27 07:16 - 2012-11-10 10:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-09-27 07:16 - 2011-12-01 12:22 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-09-27 07:04 - 2019-10-17 23:07 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-09-26 07:47 - 2020-06-06 07:18 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-09-26 07:47 - 2020-06-06 07:18 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-09-25 12:04 - 2019-10-17 22:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-09-25 11:38 - 2019-08-04 07:36 - 000000000 ___DC C:\WINDOWS\Panther
2020-09-24 07:06 - 2020-04-22 07:38 - 000517592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2020-09-23 07:08 - 2017-04-14 15:22 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-09-23 07:08 - 2017-04-14 15:22 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-09-23 06:55 - 2015-06-06 07:38 - 000326408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-09-23 06:47 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-09-23 06:46 - 2019-01-10 08:10 - 000195648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2020-09-23 06:46 - 2019-01-10 08:10 - 000060480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2020-09-23 06:45 - 2020-03-12 08:43 - 000469880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-09-23 06:45 - 2019-01-10 08:10 - 000037136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-09-23 06:45 - 2018-11-23 08:15 - 000042768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-09-23 06:45 - 2017-11-27 08:04 - 000206392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-09-23 06:45 - 2015-06-06 07:38 - 000109272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-09-23 06:45 - 2015-06-06 07:38 - 000084848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-09-23 06:45 - 2011-12-01 10:31 - 000851600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-09-23 06:44 - 2019-01-15 08:14 - 000235584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2020-09-22 07:32 - 2018-04-05 07:14 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2020-09-22 07:32 - 2018-04-05 07:14 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2020-09-16 06:56 - 2011-09-04 08:46 - 000360333 _____ C:\WINDOWS\system32\fastboot.set
2020-09-16 06:53 - 2019-10-17 23:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-09-15 08:35 - 2019-03-19 06:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-09-15 07:55 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-09-15 07:52 - 2016-05-24 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-09-15 07:44 - 2011-12-01 10:39 - 129170736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-09-12 07:18 - 2020-06-13 18:06 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-09-12 07:18 - 2020-06-13 18:06 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-09-12 07:17 - 2020-03-13 08:24 - 006211640 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-09-12 07:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-09-12 07:17 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-09-09 07:17 - 2019-10-17 22:39 - 000002364 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-09-09 07:17 - 2016-05-24 17:14 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2020-08-29 07:05 - 2019-10-09 07:34 - 000002076 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-08-29 07:05 - 2016-07-16 07:07 - 000002088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
==================== Files in the root of some directories ========
2015-06-06 08:23 - 2015-06-06 08:24 - 050063360 _____ () C:\Program Files (x86)\GUT94E0.tmp
2019-10-13 07:43 - 2019-10-13 07:43 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456}
2019-10-13 07:43 - 2019-10-13 07:43 - 000000000 _____ () C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3}
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
OK. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0ACC4937-3CF3-41A7-A6E5-41E5615F7F75} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0AF491A5-F6B2-455F-9958-4426D92FC7A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0F23D586-8137-4801-AE5E-FD2C51295447} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10284D62-31F7-458F-B7ED-CF363408A4FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {39A22C17-6EA9-4D66-A2DE-D3F9889C86D4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {40EA8C75-9352-4F4B-A4C4-8FD3C567AE28} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {468935F4-EAA4-4D26-AA10-5CDF89B56397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46D26C61-9AF4-4438-93C4-9EE3A3E29A93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {4CB3264B-6C36-4322-831B-074786F7F415} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5A14731C-FB07-455B-B724-7FCAF1632DC7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB75894C-7E83-4AC3-8126-3C5EC4E6C71D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE10B37A-1CED-417D-A2D4-9DF91CE55F12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3147417-61AA-4F0B-A82E-8DC90A083ADC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB2B5DD8-7674-4A15-98D2-F49CECA9873B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C395FE47-6290-4755-9420-73F4EA88BEDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EBF9F456-E695-4AC7-BB9C-0CE7899F3023} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {ECB449BA-26F7-41DC-9228-4B8462ABFA44} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp
C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334}
C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF}
C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456}
C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3}
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-09-2020
Ran by Lenovo (28-09-2020 19:36:02) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0ACC4937-3CF3-41A7-A6E5-41E5615F7F75} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0AF491A5-F6B2-455F-9958-4426D92FC7A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0F23D586-8137-4801-AE5E-FD2C51295447} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10284D62-31F7-458F-B7ED-CF363408A4FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {39A22C17-6EA9-4D66-A2DE-D3F9889C86D4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {40EA8C75-9352-4F4B-A4C4-8FD3C567AE28} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {468935F4-EAA4-4D26-AA10-5CDF89B56397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46D26C61-9AF4-4438-93C4-9EE3A3E29A93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {4CB3264B-6C36-4322-831B-074786F7F415} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5A14731C-FB07-455B-B724-7FCAF1632DC7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB75894C-7E83-4AC3-8126-3C5EC4E6C71D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE10B37A-1CED-417D-A2D4-9DF91CE55F12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3147417-61AA-4F0B-A82E-8DC90A083ADC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB2B5DD8-7674-4A15-98D2-F49CECA9873B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C395FE47-6290-4755-9420-73F4EA88BEDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EBF9F456-E695-4AC7-BB9C-0CE7899F3023} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {ECB449BA-26F7-41DC-9228-4B8462ABFA44} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp
C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334}
C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF}
C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456}
C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3}
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0ACC4937-3CF3-41A7-A6E5-41E5615F7F75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ACC4937-3CF3-41A7-A6E5-41E5615F7F75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AF491A5-F6B2-455F-9958-4426D92FC7A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AF491A5-F6B2-455F-9958-4426D92FC7A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F23D586-8137-4801-AE5E-FD2C51295447}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F23D586-8137-4801-AE5E-FD2C51295447}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10284D62-31F7-458F-B7ED-CF363408A4FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10284D62-31F7-458F-B7ED-CF363408A4FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39A22C17-6EA9-4D66-A2DE-D3F9889C86D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A22C17-6EA9-4D66-A2DE-D3F9889C86D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40EA8C75-9352-4F4B-A4C4-8FD3C567AE28}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40EA8C75-9352-4F4B-A4C4-8FD3C567AE28}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{468935F4-EAA4-4D26-AA10-5CDF89B56397}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{468935F4-EAA4-4D26-AA10-5CDF89B56397}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46D26C61-9AF4-4438-93C4-9EE3A3E29A93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46D26C61-9AF4-4438-93C4-9EE3A3E29A93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CB3264B-6C36-4322-831B-074786F7F415}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB3264B-6C36-4322-831B-074786F7F415}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A14731C-FB07-455B-B724-7FCAF1632DC7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A14731C-FB07-455B-B724-7FCAF1632DC7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB75894C-7E83-4AC3-8126-3C5EC4E6C71D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB75894C-7E83-4AC3-8126-3C5EC4E6C71D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE10B37A-1CED-417D-A2D4-9DF91CE55F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE10B37A-1CED-417D-A2D4-9DF91CE55F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3147417-61AA-4F0B-A82E-8DC90A083ADC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3147417-61AA-4F0B-A82E-8DC90A083ADC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB2B5DD8-7674-4A15-98D2-F49CECA9873B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB2B5DD8-7674-4A15-98D2-F49CECA9873B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C395FE47-6290-4755-9420-73F4EA88BEDA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C395FE47-6290-4755-9420-73F4EA88BEDA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBF9F456-E695-4AC7-BB9C-0CE7899F3023}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBF9F456-E695-4AC7-BB9C-0CE7899F3023}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECB449BA-26F7-41DC-9228-4B8462ABFA44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECB449BA-26F7-41DC-9228-4B8462ABFA44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334} => moved successfully
C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF} => moved successfully
C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456} => moved successfully
C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3} => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 122106155 B
Java, Flash, Steam htmlcache => 59549 B
Windows/system/drivers => 6654805 B
Edge => 19842326 B
Chrome => 25312483 B
Firefox => 1401651100 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 133876 B
NetworkService => 18963324 B
Lenovo => 66512474 B
DefaultAppPool => 66512474 B
RecycleBin => 19745798424 B
EmptyTemp: => 20 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:51:40 ====
Ran by Lenovo (28-09-2020 19:36:02) Run:1
Running from C:\Users\Lenovo\Desktop
Loaded Profiles: Lenovo
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {0ACC4937-3CF3-41A7-A6E5-41E5615F7F75} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {0AF491A5-F6B2-455F-9958-4426D92FC7A9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {0F23D586-8137-4801-AE5E-FD2C51295447} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {10284D62-31F7-458F-B7ED-CF363408A4FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {39A22C17-6EA9-4D66-A2DE-D3F9889C86D4} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {40EA8C75-9352-4F4B-A4C4-8FD3C567AE28} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {468935F4-EAA4-4D26-AA10-5CDF89B56397} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {46D26C61-9AF4-4438-93C4-9EE3A3E29A93} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {4CB3264B-6C36-4322-831B-074786F7F415} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5A14731C-FB07-455B-B724-7FCAF1632DC7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB75894C-7E83-4AC3-8126-3C5EC4E6C71D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {AE10B37A-1CED-417D-A2D4-9DF91CE55F12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B3147417-61AA-4F0B-A82E-8DC90A083ADC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {BB2B5DD8-7674-4A15-98D2-F49CECA9873B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C395FE47-6290-4755-9420-73F4EA88BEDA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EBF9F456-E695-4AC7-BB9C-0CE7899F3023} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-14] (Google Inc -> Google Inc.)
Task: {ECB449BA-26F7-41DC-9228-4B8462ABFA44} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
U3 idsvc; no ImagePath
C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp
C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334}
C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF}
C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456}
C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3}
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0ACC4937-3CF3-41A7-A6E5-41E5615F7F75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ACC4937-3CF3-41A7-A6E5-41E5615F7F75}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0AF491A5-F6B2-455F-9958-4426D92FC7A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AF491A5-F6B2-455F-9958-4426D92FC7A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0F23D586-8137-4801-AE5E-FD2C51295447}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0F23D586-8137-4801-AE5E-FD2C51295447}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{10284D62-31F7-458F-B7ED-CF363408A4FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{10284D62-31F7-458F-B7ED-CF363408A4FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{39A22C17-6EA9-4D66-A2DE-D3F9889C86D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{39A22C17-6EA9-4D66-A2DE-D3F9889C86D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\rundetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40EA8C75-9352-4F4B-A4C4-8FD3C567AE28}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40EA8C75-9352-4F4B-A4C4-8FD3C567AE28}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{468935F4-EAA4-4D26-AA10-5CDF89B56397}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{468935F4-EAA4-4D26-AA10-5CDF89B56397}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{46D26C61-9AF4-4438-93C4-9EE3A3E29A93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{46D26C61-9AF4-4438-93C4-9EE3A3E29A93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{47EEF390-E79E-4E2F-8B47-CB09AC5AAD2A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4CB3264B-6C36-4322-831B-074786F7F415}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4CB3264B-6C36-4322-831B-074786F7F415}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A14731C-FB07-455B-B724-7FCAF1632DC7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A14731C-FB07-455B-B724-7FCAF1632DC7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AB75894C-7E83-4AC3-8126-3C5EC4E6C71D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AB75894C-7E83-4AC3-8126-3C5EC4E6C71D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE10B37A-1CED-417D-A2D4-9DF91CE55F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE10B37A-1CED-417D-A2D4-9DF91CE55F12}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B3147417-61AA-4F0B-A82E-8DC90A083ADC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B3147417-61AA-4F0B-A82E-8DC90A083ADC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BB2B5DD8-7674-4A15-98D2-F49CECA9873B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BB2B5DD8-7674-4A15-98D2-F49CECA9873B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C395FE47-6290-4755-9420-73F4EA88BEDA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C395FE47-6290-4755-9420-73F4EA88BEDA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBF9F456-E695-4AC7-BB9C-0CE7899F3023}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBF9F456-E695-4AC7-BB9C-0CE7899F3023}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ECB449BA-26F7-41DC-9228-4B8462ABFA44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ECB449BA-26F7-41DC-9228-4B8462ABFA44}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
C:\WINDOWS\system32\Drivers\aswa0cdbf078d3dd9b1.tmp => moved successfully
C:\WINDOWS\system32\Drivers\aswfdc61d64bd3d2e94.tmp => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\WINDOWS\system32\Tasks\{6B24448B-93EE-4A3A-AEBB-89970AE4F334} => moved successfully
C:\WINDOWS\system32\Tasks\{264D967C-BC61-400C-90CF-035329CD24BF} => moved successfully
C:\Users\Lenovo\AppData\Local\{68A7F4CE-96B1-49D9-AEB8-21C95A8A1456} => moved successfully
C:\Users\Lenovo\AppData\Local\{C2E2977F-6CFA-4EA0-8AE5-3EB82F5699E3} => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 122106155 B
Java, Flash, Steam htmlcache => 59549 B
Windows/system/drivers => 6654805 B
Edge => 19842326 B
Chrome => 25312483 B
Firefox => 1401651100 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 133876 B
NetworkService => 18963324 B
Lenovo => 66512474 B
DefaultAppPool => 66512474 B
RecycleBin => 19745798424 B
EmptyTemp: => 20 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:51:40 ====
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Rudy
- Site Admin
- Příspěvky: 119395
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?