VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2017
Ran by zuzana (administrator) on ZUZANA (14-03-2017 21:33:08)
Running from C:\Users\zuzana\Desktop
Loaded Profiles: zuzana (Available Profiles: zuzana)
Platform: Windows 10 Home Version 1607 (X64) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(LENOVO INCORPORATED.) C:\Program Files\lenovo\iMController\SystemAgentService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
() C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Plaut Slovensko, s.r.o.) C:\Program Files (x86)\eID klient\eID_klient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Program Files (x86)\eID klient\eIDCertPropagator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo) C:\Users\zuzana\AppData\Local\Apps\2.0\MQ9RZJ2R.L9V\RXNRL90O.049\lsb...tion_91a10ba61c75c82d_0001.0006_0f15e39c22fde514\LSB.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5462024 2016-08-31] (Realtek semiconductor)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-10] (AVAST Software)
HKLM-x32\...\Run: [eID_klient] => C:\Program Files (x86)\eID klient\eID_klient.exe [6353464 2016-06-27] (Plaut Slovensko, s.r.o.)
HKLM-x32\...\Run: [eIDCertPropagator] => C:\Program Files (x86)\eID klient\eIDCertPropagator.exe [532032 2016-05-18] ()
HKU\S-1-5-21-2787438529-773852125-375511704-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-10] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-10] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{bbd38182-c605-441d-bdf1-85e7bd0e0053}: [DhcpNameServer] 150.207.1.3
Tcpip\..\Interfaces\{c1c9a9a1-d3cb-40a9-916e-027b7bf12aed}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-2787438529-773852125-375511704-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2787438529-773852125-375511704-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2787438529-773852125-375511704-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKU\S-1-5-21-2787438529-773852125-375511704-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2787438529-773852125-375511704-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2787438529-773852125-375511704-1001 -> {6A13B967-C3FB-4793-978C-57FCC8D13818} URL =
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxp://195.28.70.134/kapor2/lib/mgaxctrl.cab

FireFox:
========
FF ProfilePath: C:\Users\zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\fstwg3x6.default [2017-03-14]
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\fstwg3x6.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fstwg3x6.default -> Web Search
FF Homepage: Mozilla\Firefox\Profiles\fstwg3x6.default -> about:home
FF Session Restore: Mozilla\Firefox\Profiles\fstwg3x6.default -> is enabled.
FF Keyword.URL: Mozilla\Firefox\Profiles\fstwg3x6.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (ADB Helper) - C:\Users\zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\fstwg3x6.default\Extensions\adbhelper@mozilla.org [2017-01-27]
FF Extension: (Bing Search) - C:\Users\zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\fstwg3x6.default\Extensions\bingsearch.full@microsoft.com [2015-07-26] [not signed]
FF Extension: (Valence) - C:\Users\zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\fstwg3x6.default\Extensions\fxdevtools-adapters@mozilla.org [2017-01-27]
FF SearchPlugin: C:\Users\zuzana\AppData\Roaming\Mozilla\Firefox\Profiles\fstwg3x6.default\searchplugins\Web Search.xml [2016-02-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-10]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: (SmartPrintButton) - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-24] (Google Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2016-05-23] (Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2016-06-29] (Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2016-07-20] (Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~3.DLL [2016-07-20] (Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2016-05-23] (Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2016-05-23] (Ditec,a.s.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.AsicFactory.js [2017-03-13]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigMessageContainerFb.js [2017-03-13]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigXadesExtenderFb.js [2017-03-13]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DSigXadesFb.js [2017-03-13]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.DViewerFb.js [2017-03-13]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\Ditec.Zep.XmlDataContainerFb.js [2017-03-13]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us
CHR StartupUrls: Default -> "hxxps://startpage-home.com/?s=lenovo&m=start"
CHR Profile: C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default [2017-03-12]
CHR Extension: (Prezentácie Google) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-19]
CHR Extension: (Dokumenty Google) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-19]
CHR Extension: (Disk Google) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-10]
CHR Extension: (YouTube) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-10]
CHR Extension: (Google Search) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-10]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-02-27]
CHR Extension: (Avast SafePrice) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-14]
CHR Extension: (Bing) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2016-09-21]
CHR Extension: (Avast SafePrice (BETA)) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoadmpfijfcmokecmkgolhbaeclfage [2017-03-01]
CHR Extension: (Tabuľky Google) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-19]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-20]
CHR Extension: (Avast Online Security) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\zuzana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-14]
CHR HKU\S-1-5-21-2787438529-773852125-375511704-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcoadmpfijfcmokecmkgolhbaeclfage] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-10] (AVAST Software)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [157496 2016-08-16] ()
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-12-07] (Lenovo(beijing) Limited)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246888 2016-05-24] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApkbfiltrService; C:\WINDOWS\System32\drivers\Apkbfiltr.sys [31016 2015-07-23] (Alps Electric Co., Ltd.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-10] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-10] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-10] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-10] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-10] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [548928 2017-03-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [32344 2016-06-08] (ELAN Microelectronic Corp.)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [129792 2013-02-22] (Gemalto)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3520264 2016-05-04] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-09-01] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3145224 2016-08-31] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-14 21:33 - 2017-03-14 21:34 - 00019133 _____ C:\Users\zuzana\Desktop\FRST.txt
2017-03-14 21:33 - 2017-03-14 21:33 - 00000000 ____D C:\FRST
2017-03-14 21:31 - 2017-03-14 21:32 - 02424832 _____ (Farbar) C:\Users\zuzana\Desktop\FRST64.exe
2017-03-13 20:52 - 2017-03-13 20:52 - 00051376 _____ C:\Users\zuzana\AppData\Local\GDIPFONTCACHEV1.DAT
2017-03-13 20:32 - 2017-03-13 20:32 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-13 20:25 - 2017-03-13 20:25 - 00000000 ____D C:\Users\zuzana\.ditec
2017-03-13 20:24 - 2017-03-13 20:24 - 00000000 ____D C:\Program Files\TAP-Windows
2017-03-13 20:23 - 2017-03-13 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditec
2017-03-13 20:21 - 2017-03-13 20:24 - 00000000 ____D C:\Program Files (x86)\Ditec
2017-03-13 20:21 - 2017-03-13 20:23 - 00000000 ____D C:\ProgramData\Ditec
2017-03-13 20:11 - 2017-03-13 20:11 - 00002479 _____ C:\Users\Public\Desktop\eID Certificate Propagator.lnk
2017-03-13 20:11 - 2017-03-13 20:11 - 00002461 _____ C:\Users\Public\Desktop\eID klient manual.lnk
2017-03-13 20:11 - 2017-03-13 20:11 - 00002425 _____ C:\Users\Public\Desktop\eID klient.lnk
2017-03-13 20:11 - 2017-03-13 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eID klient
2017-03-13 20:11 - 2017-03-13 20:11 - 00000000 ____D C:\Program Files (x86)\eID klient
2017-03-13 19:56 - 2017-03-13 19:56 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-13 19:56 - 2017-03-13 19:56 - 00000000 ____D C:\Program Files (x86)\Gemalto
2017-03-13 19:27 - 2017-03-13 20:44 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-03-13 19:27 - 2017-03-13 19:27 - 00000000 ____D C:\Users\zuzana\AppData\Roaming\Plaut Slovensko s.r.o
2017-03-13 19:19 - 2017-03-13 19:19 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WUDFUsbccidDriver_01_11_00.Wdf
2017-03-12 10:10 - 2017-03-12 10:10 - 00001099 _____ C:\Users\Public\Desktop\SyncDroid.lnk
2017-03-12 10:10 - 2017-03-12 10:10 - 00000000 ____D C:\Users\zuzana\Documents\SyncDroid
2017-03-12 10:10 - 2017-03-12 10:10 - 00000000 ____D C:\Users\zuzana\AppData\Roaming\SyncDroid
2017-03-12 10:10 - 2017-03-12 10:10 - 00000000 ____D C:\SyncDroid
2017-03-12 10:10 - 2017-03-12 10:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SyncDroid
2017-03-12 10:10 - 2017-03-12 10:10 - 00000000 ____D C:\Program Files (x86)\SyncDroid
2017-03-10 10:26 - 2017-03-10 10:26 - 00002567 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aplikace Microsoft Office Excel Viewer.lnk
2017-03-10 10:26 - 2017-03-10 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-10 10:24 - 2017-03-10 10:24 - 00000000 ____D C:\Program Files (x86)\MSECache
2017-03-10 08:02 - 2017-03-13 20:38 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-03-10 08:02 - 2017-03-10 08:00 - 00334600 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-03-10 08:02 - 2017-03-10 08:00 - 00309272 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-03-10 08:02 - 2017-03-10 08:00 - 00189768 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-03-10 08:02 - 2017-03-10 08:00 - 00048528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-03-10 08:01 - 2017-03-10 08:01 - 00398408 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-03-03 15:36 - 2017-03-03 15:36 - 00160183 _____ C:\Users\zuzana\Desktop\Prevodník kódu novy.eml
2017-03-01 10:54 - 2017-03-01 10:54 - 06971584 _____ (Tim Kosse) C:\Users\zuzana\Downloads\FileZilla_3.24.1_win64-setup.exe
2017-02-19 12:05 - 2017-02-19 12:05 - 00002854 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-02-19 11:48 - 2017-02-19 12:04 - 00000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-02-19 11:48 - 2017-02-19 12:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-02-19 11:48 - 2017-02-19 11:48 - 00000000 ____D C:\Program Files\CCleaner

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-14 21:14 - 2016-11-20 19:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-14 20:45 - 2016-11-19 12:59 - 00000000 ____D C:\Users\zuzana\AppData\LocalLow\Mozilla
2017-03-14 18:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-14 17:58 - 2017-01-21 05:57 - 00004004 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1469987042
2017-03-14 17:58 - 2016-07-31 18:44 - 00001099 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-03-14 17:54 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-14 17:50 - 2017-01-24 08:59 - 00000000 ____D C:\Users\zuzana\AppData\Local\Deployment
2017-03-14 17:50 - 2016-07-31 18:40 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-03-14 17:48 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-03-14 17:43 - 2017-01-21 05:29 - 00000000 ____D C:\Users\zuzana
2017-03-14 17:43 - 2017-01-21 05:24 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-03-14 17:43 - 2015-02-18 18:28 - 00000000 __SHD C:\Users\zuzana\IntelGraphicsProfiles
2017-03-14 17:42 - 2016-11-20 19:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-13 20:28 - 2016-11-22 16:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-13 20:28 - 2015-02-18 18:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-13 20:27 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-03-13 20:24 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-13 20:24 - 2014-12-07 10:52 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-12 21:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-10 20:02 - 2016-07-31 18:40 - 00548928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2017-03-10 08:01 - 2016-07-31 18:43 - 00032088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-03-10 08:01 - 2016-07-31 18:40 - 00993608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-03-10 08:01 - 2016-07-31 18:40 - 00337592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.148951023832801
2017-03-10 08:01 - 2016-07-31 18:40 - 00162528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-03-10 08:01 - 2016-07-31 18:40 - 00126600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-03-10 08:01 - 2016-07-31 18:40 - 00100640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-03-10 08:01 - 2016-07-31 18:40 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-03-10 08:01 - 2016-07-31 18:40 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-03-08 21:58 - 2015-11-14 14:42 - 00002381 _____ C:\Users\zuzana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-08 21:58 - 2015-02-18 18:33 - 00000000 ___RD C:\Users\zuzana\OneDrive
2017-03-01 11:24 - 2015-03-29 13:59 - 00000000 ____D C:\Users\zuzana\AppData\Roaming\FileZilla
2017-02-23 16:47 - 2015-02-22 14:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-23 16:43 - 2015-02-22 14:56 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-23 08:50 - 2015-02-24 22:16 - 00000000 ____D C:\ProgramData\Skype
2017-02-22 15:23 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-19 12:43 - 2015-02-19 23:29 - 00000000 ____D C:\Users\zuzana\AppData\Roaming\MPC-HC
2017-02-19 12:23 - 2017-01-21 14:15 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-19 12:06 - 2015-02-18 18:24 - 00000000 ____D C:\Users\zuzana\AppData\Local\SweetLabs App Platform
2017-02-19 11:55 - 2017-01-21 05:57 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-19 11:55 - 2014-12-07 11:20 - 00000000 ____D C:\ProgramData\Lenovo
2017-02-19 11:55 - 2014-12-07 11:20 - 00000000 ____D C:\Program Files\lenovo
2017-02-18 20:45 - 2014-12-07 11:19 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2017-02-14 14:41 - 2015-02-19 22:16 - 00000000 ____D C:\Users\zuzana\AppData\Local\Google

==================== Files in the root of some directories =======

2017-01-11 21:32 - 2017-01-13 18:59 - 0006144 _____ () C:\Users\zuzana\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-19 13:13 - 2017-01-19 13:13 - 0000915 _____ () C:\Users\zuzana\AppData\Local\recently-used.xbel
2017-01-03 20:45 - 2017-01-03 20:45 - 0000017 _____ () C:\Users\zuzana\AppData\Local\resmon.resmoncfg
2016-12-19 07:38 - 2016-12-19 07:38 - 0000000 _____ () C:\Users\zuzana\AppData\Local\{1A02B434-9CAC-42F8-8701-7CAD4C9D23C8}
2017-01-21 05:24 - 2017-01-21 05:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-03-06 20:44

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by zuzana (14-03-2017 21:34:56)
Running from C:\Users\zuzana\Desktop
Windows 10 Home Version 1607 (X64) (2017-01-21 05:15:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2787438529-773852125-375511704-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2787438529-773852125-375511704-503 - Limited - Disabled)
Guest (S-1-5-21-2787438529-773852125-375511704-501 - Limited - Disabled)
lcjuvrzgw (S-1-5-21-2787438529-773852125-375511704-1002 - Limited - Disabled)
zuzana (S-1-5-21-2787438529-773852125-375511704-1001 - Administrator - Enabled) => C:\Users\zuzana

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 23.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Advanced XML Converter 3.05 (HKLM-x32\...\Advanced XML Converter) (Version: 3.05 - HiBase Group)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.27.55 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1314 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D.Launcher (HKLM-x32\...\{11b64cd7-66d1-4b09-b0e3-8dfcbf76d72d}) (Version: 1.0.0.3 - Ditec, a.s.)
D.Signer/XAdES .NET so zásuvnými modulmi 4.0 (HKLM-x32\...\{D0EDD681-F0AA-4C83-A2F1-9603AC45687D}) (Version: 4.0.0.4 - Ditec a.s)
D.Signer/XAdES .NET Tools 4.0 (HKLM-x32\...\{A489BDE2-2553-4DBF-A97D-A23B37B92437}) (Version: 4.0.0.5 - Ditec a.s)
D.Viewer .NET 4.0 (HKLM-x32\...\{625BF6DF-2AB8-4B55-B8CE-284319D17F4D}) (Version: 4.0.2016.1027 - Ditec a.s)
Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (x32 Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
eID klient (HKLM-x32\...\{4493D713-02A9-4473-A0B7-EE79B6FC1359}) (Version: 1.9.3 - MV SR, NASES)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 15.002 (20141202_15) - CÍGLER SOFTWARE, a.s.)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.35 - Lenovo)
Energy Manager (x32 Version: 1.0.0.35 - Lenovo) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
FileZilla Client 3.22.1 (HKLM-x32\...\FileZilla Client) (Version: 3.22.1 - Tim Kosse)
GemPcCCID (HKLM\...\{7567A068-2F02-40D1-A34C-16D79ECD35A6}) (Version: 2.0.3 - Gemalto)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Host App Service (HKU\S-1-5-21-2787438529-773852125-375511704-1001\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
hppLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppP1100P1560P1600SeriesLaserJetService (x32 Version: 001.001.0.0 - Hewlett-Packard) Hidden
hppusgP1100P1560P1600Series (x32 Version: 1.0.0.1 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.0.1098 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{eff1d9d1-41fa-49ef-a986-082bfe49c293}) (Version: 16.8.0 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10249 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Mobile Phone Wireless Import (x32 Version: 1.1.1.9 - Lenovo) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo Photo Master (x32 Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-2787438529-773852125-375511704-1001\...\cbe8636f7dd0cf1d) (Version: 1.6.0.0 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-2787438529-773852125-375511704-1001\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0405-0000-0000000FF1CE}) (Version: 12.0.6334.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2787438529-773852125-375511704-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 sk) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 sk)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 sk)) (Version: 45.8.0 - Mozilla)
OpenOffice 4.1.1 (HKLM-x32\...\{456408C1-3BDE-48CC-9A5A-79B1BB4C4787}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Start Menu (HKU\S-1-5-21-2787438529-773852125-375511704-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
SyncDroid version 1.2.2 (HKLM-x32\...\{BE7E35A4-59E5-412B-9B18-57B4938B8C0B}_is1) (Version: 1.2.2 - JunTu Software, Inc.)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
The Cave (HKLM-x32\...\The Cave_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
User Manuals (x32 Version: 3.0.0.3 - Lenovo) Hidden
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR archivátor (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {031B2651-0D8F-47DB-B81E-0F24C34DB49C} - System32\Tasks\SafeZone scheduled Autoupdate 1469987042 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {0943C51C-2E18-4B87-964A-E33E46AB9F6F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {1A04DC4A-6740-4734-8517-0B3740CB1047} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {20CEE9E8-5EEF-429C-8473-35F42CDFFA9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {21E56928-0A08-4D2D-8765-D01182F04BB9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-19] (Lenovo)
Task: {287490AE-7657-4AAD-A741-E90B2CAD8768} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3B1CCA33-3365-4C9D-AC45-52A2D6D1872A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {46761DBE-089B-4EB3-8F71-95341AB199C0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {4B70645C-7C9E-45E6-8702-B08D66E55555} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4D46934F-1161-49B7-AD1F-94EB452DEB31} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bbaa49235ee2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {527CC32E-AE6D-4527-887B-E3EA0AA04413} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-13] (Adobe Systems Incorporated)
Task: {63E431FA-5CF2-4AB0-B4CC-E06381EED7AB} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {64DE235B-E015-4E7D-8E09-2B39B4CE8023} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {65EC12F8-010E-42EA-8C9B-2C14F4A8F3DB} - System32\Tasks\{17E62F95-33C2-468D-ACFD-1D475813BA45} => Firefox.exe hxxp://ui.skype.com/ui/0/7.18.0.111/sk/abandoninstall?page=tsBing
Task: {6BCDCB73-A86E-4FE1-ABE8-71B37292676D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1b76905add => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {734BA002-0533-4D6B-B634-4266A2064830} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {765AD836-AC0B-4102-9D90-C7505FE20040} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {783E3536-A754-42A4-B63D-9BABAE660B90} - System32\Tasks\SweetLabs App Platform => C:\Users\zuzana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-11-16] (Pokki)
Task: {840AE29D-E406-407F-81FA-3CF6739D1A8C} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f250853edb1b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {91F7DFE6-853A-4C0F-BA52-7BBAD8E05C90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {942AC509-70F3-4A17-88D8-2C563503EA84} - \Lenovo\Lenovo Service Bridge\S-1-5-21-2787438529-773852125-375511704-1001 -> No File <==== ATTENTION
Task: {9BE482E1-49E7-4D9B-A397-318549945D9F} - \WPD\SqmUpload_S-1-5-21-2787438529-773852125-375511704-1001 -> No File <==== ATTENTION
Task: {9C79F722-B73F-4D9D-8466-16E430D6B44C} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {A355F87A-4B8F-4302-A747-69ADE1BDC808} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {A37F9BE8-2A6A-45E1-A53F-04312FD34B8E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AAB7F714-620B-412A-BA5F-DC39E0ACCC74} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-10] (AVAST Software)
Task: {B4016662-E359-452A-A0FD-33F1AEAD95AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {B8534D69-3229-4F90-A607-1B09268A8E90} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {BDD23F5F-8E18-4967-AEAB-0931F75EA98B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {CA56E538-6D04-43CE-A33C-224138490DD1} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {CB91A127-E32F-4564-973A-BAA8254D01E7} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2016-05-24] (Synaptics Incorporated)
Task: {D30844C1-947E-4362-AFC1-2CD0ABE79524} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {DB360AE7-71B6-4191-B025-C51B1B5B7F5C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EB8FB2F5-BCAC-4942-B7A6-61FD036750B8} - System32\Tasks\GoogleUpdateTaskMachineCore1d0903ff7162a8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-19] (Google Inc.)
Task: {F4F90DBD-333E-4B29-9005-E1476AB54235} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)
Task: {F7F8CAC5-9CA5-46C0-B12F-190126638D49} - System32\Tasks\{7D6AA88B-414D-4658-B9C3-88517CEC1740} => Firefox.exe hxxp://ui.skype.com/ui/0/7.6.0.105/sk/abandoninstall?page=tsMain

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bbaa49235ee2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1b76905add.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForzuzana.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-01-21 14:01 - 2017-01-21 14:01 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-06 11:00 - 2012-08-31 15:03 - 00288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2015-02-25 08:07 - 2012-09-18 15:27 - 00192512 _____ () C:\WINDOWS\System32\zlhp1020.dll
2015-02-25 08:07 - 2012-09-18 15:27 - 00065024 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\pphp1020.dll
2016-03-06 11:00 - 2012-08-31 15:02 - 00074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2014-12-07 11:25 - 2012-04-24 11:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-06-30 13:48 - 2016-08-16 15:22 - 00157496 _____ () C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
2017-01-21 14:01 - 2017-01-21 14:01 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-02-19 23:12 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2016-11-20 19:11 - 2016-11-20 19:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 00693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-21 14:02 - 2017-01-21 14:02 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-11-01 23:05 - 2016-11-01 23:05 - 00401896 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-08 03:52 - 2017-02-08 03:52 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-05-18 13:13 - 2016-05-18 13:13 - 00532032 _____ () C:\Program Files (x86)\eID klient\eIDCertPropagator.exe
2014-12-07 11:19 - 2014-07-10 02:19 - 00592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2014-12-07 11:19 - 2014-07-10 02:19 - 00397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2017-03-13 17:49 - 2017-03-13 17:50 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 17:49 - 2017-03-13 17:50 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 17:49 - 2017-03-13 17:50 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 17:49 - 2017-03-13 17:50 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-14 17:50 - 2017-03-14 17:50 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-06-30 13:52 - 2015-12-28 23:25 - 01540622 _____ () C:\Program Files (x86)\Ditec\DLauncher\libstdc++-6.dll
2016-06-30 13:52 - 2015-12-28 23:25 - 00120334 _____ () C:\Program Files (x86)\Ditec\DLauncher\libgcc_s_dw2-1.dll
2016-02-03 08:28 - 2016-02-03 08:28 - 00046592 _____ () C:\Program Files (x86)\eID klient\boost_thread-vc90-mt-1_49.dll
2016-02-03 08:28 - 2016-02-03 08:28 - 00227840 _____ () C:\Program Files (x86)\eID klient\boost_serialization-vc90-mt-1_49.dll
2016-02-03 08:28 - 2016-02-03 08:28 - 00567808 _____ () C:\Program Files (x86)\eID klient\boost_log-vc90-mt-1_49.dll
2016-02-03 08:28 - 2016-02-03 08:28 - 00135680 _____ () C:\Program Files (x86)\eID klient\boost_filesystem-vc90-mt-1_49.dll
2016-02-03 08:28 - 2016-02-03 08:28 - 00012800 _____ () C:\Program Files (x86)\eID klient\boost_system-vc90-mt-1_49.dll
2016-02-03 08:28 - 2016-02-03 08:28 - 00038912 _____ () C:\Program Files (x86)\eID klient\boost_date_time-vc90-mt-1_49.dll
2017-03-10 08:01 - 2017-03-10 08:01 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-31 18:39 - 2016-07-31 18:39 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-10 08:00 - 2017-03-10 08:00 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-03-10 08:01 - 2017-03-10 08:01 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-12-07 10:43 - 2013-09-16 20:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2787438529-773852125-375511704-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\zuzana\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Application Restart #2 => C:\Users\zuzana\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\zuzana\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
MSCONFIG\startupreg: BingSvc => C:\Users\zuzana\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: cAudioFilterAgent => "C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe"
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
MSCONFIG\startupreg: Energy Manager => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
MSCONFIG\startupreg: ForteConfig => "C:\Program Files\Conexant\ForteConfig\fmapp.exe"
MSCONFIG\startupreg: HPUsageTrackingLEDM => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Lenovo Utility => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
MSCONFIG\startupreg: OneDrive => "C:\Users\zuzana\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: Pokki => "%LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe" /LOGON
MSCONFIG\startupreg: RtsFT => RTFTrack.exe
MSCONFIG\startupreg: SmartAudio => "C:\Program Files\CONEXANT\SAII\SACpl.exe" /t

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{44BEE0B3-0BB1-4006-8FA1-5F8C79779EB9}C:\program files (x86)\totalcmd\totalcmd.exe] => (Block) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [TCP Query User{AC70FFC4-BBFA-49AC-9EB6-1DA3470D5658}C:\program files (x86)\totalcmd\totalcmd.exe] => (Block) C:\program files (x86)\totalcmd\totalcmd.exe
FirewallRules: [UDP Query User{98F1D7B2-293A-4BF1-AD65-81B789EEB2F8}F:\install\sdi_update\sdi_update\sdi_x64_r496.exe] => (Allow) F:\install\sdi_update\sdi_update\sdi_x64_r496.exe
FirewallRules: [TCP Query User{65AA3AA7-5697-4F7B-8D86-5C17662A43DA}F:\install\sdi_update\sdi_update\sdi_x64_r496.exe] => (Allow) F:\install\sdi_update\sdi_update\sdi_x64_r496.exe
FirewallRules: [{61773906-2F6E-44A1-A67D-513D53E07127}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{523B4C2C-FBE8-42CF-9168-688CDDA83DAB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{951F5F8B-E809-48E0-B83B-FBEBCC5C2347}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{FC3898A8-50B5-40C7-A5AE-22E10D97927F}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{BDBF8729-3317-48D0-BF80-A781FA839427}] => (Allow) LPort=55100
FirewallRules: [{7DECA863-3766-4CA2-8154-B50D0EDA04A6}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{625A5A3B-CCCB-48DE-85C3-0A53EC617E76}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C35D568E-6622-49F7-83CC-FFB8C35152CF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A0A9EC8-E1AB-49CA-BF7E-D5A0A4045671}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B9E5EC0B-C2C6-4367-AA03-D36ACA974703}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8005CC64-213C-43FD-BFEA-0D21D889DC05}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D905FD43-0ECD-47DE-83F9-6FB0B8147EDA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7500D5A8-B761-48D5-8FC1-F6EA978BDF59}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{19E40C14-346E-4AB2-BEB3-B8F1C9085EAC}C:\program files\filezilla ftp client\filezilla.exe] => (Allow) C:\program files\filezilla ftp client\filezilla.exe
FirewallRules: [TCP Query User{5EF997AD-B2BE-4704-9E90-A45FB88A1771}C:\program files (x86)\eid klient\eid_klient.exe] => (Allow) C:\program files (x86)\eid klient\eid_klient.exe
FirewallRules: [UDP Query User{7199FD55-C58C-4342-BDB5-B68D4A9C326D}C:\program files (x86)\eid klient\eid_klient.exe] => (Allow) C:\program files (x86)\eid klient\eid_klient.exe
FirewallRules: [{F4561EF9-5C9B-4295-B117-FEE06F887F90}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [TCP Query User{7CF9B10C-6BD3-4FA1-A416-8BC326CDBF22}C:\program files (x86)\eid klient\eid_klient.exe] => (Block) C:\program files (x86)\eid klient\eid_klient.exe
FirewallRules: [UDP Query User{9DB64A19-D0D6-40CA-94DD-CEC7D68A67FF}C:\program files (x86)\eid klient\eid_klient.exe] => (Block) C:\program files (x86)\eid klient\eid_klient.exe
FirewallRules: [{4EA7AC88-A156-4A76-AA00-A8A56E1A2DA0}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe

==================== Restore Points =========================

10-03-2017 10:25:02 Nainstalováno: Microsoft Office Excel Viewer
13-03-2017 19:22:20 Nainštalované: eID klient

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/14/2017 07:18:44 AM) (Source: dLauncherLoopback) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/13/2017 08:33:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: CCSDK.exe, verzia: 1.0.3.4, časová značka: 0x53bcd5bf
Názov chybujúceho modulu: SensorsApi.dll_unloaded, verzia: 10.0.14393.0, časová značka: 0x57898e91
Kód výnimky: 0xc0000005
Odstup chyby: 0x0000cc90
Identifikácia chybujúceho procesu: 0x1ad4
Čas spustenia chybujúcej aplikácie: 0x01d29c309629894e
Cesta chybujúcej aplikácie: C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
Cesta chybujúceho modulu: SensorsApi.dll
Identifikácia hlásenia: a9713d34-3138-439b-a1fc-abe65fb79fe7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (03/13/2017 08:31:02 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON (error %3).

Error: (03/13/2017 08:31:01 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_ON (error %3).

Error: (03/13/2017 07:56:46 PM) (Source: eIDCertPropService) (EventID: 13) (User: )
Description: C_GetSlotInfo() - CKR_SLOT_ID_INVALID

Error: (03/13/2017 07:56:46 PM) (Source: eIDCertPropService) (EventID: 13) (User: )
Description: C_GetSlotInfo() - CKR_SLOT_ID_INVALID

Error: (03/13/2017 07:22:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (03/13/2017 06:03:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (03/12/2017 10:42:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: ShellExperienceHost.exe, verzia: 10.0.14393.447, časová značka: 0x5819bf85
Názov chybujúceho modulu: Windows.UI.Xaml.dll, verzia: 10.0.14393.594, časová značka: 0x5850ccd3
Kód výnimky: 0xc000027b
Odstup chyby: 0x00000000006d682b
Identifikácia chybujúceho procesu: 0x1050
Čas spustenia chybujúcej aplikácie: 0x01d29b7470094d3f
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta chybujúceho modulu: C:\Windows\System32\Windows.UI.Xaml.dll
Identifikácia hlásenia: ce1056c7-c360-4ba0-aae3-13d39dcbe18b
Celé meno chybujúceho balíka: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Identifikácia chybujúcej aplikácie vzhľadom na balík: App

Error: (03/11/2017 07:45:42 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.


System errors:
=============
Error: (03/14/2017 05:46:41 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.

Error: (03/14/2017 05:44:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 05:44:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 05:44:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 05:44:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 05:43:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Windows Presentation Foundation Font Cache 3.0.0.0 zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.

Error: (03/14/2017 05:43:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby FontCache3.0.0.0 bol dosiahnutý časový limit (30000 ms).

Error: (03/14/2017 05:43:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 05:43:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (03/14/2017 05:43:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 60%
Total physical RAM: 3988.27 MB
Available physical RAM: 1561.95 MB
Total Virtual: 6036.27 MB
Available Virtual: 3218.57 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:425.02 GB) (Free:30.64 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 89B9191B)

Partition: GPT.

==================== End of Addition.txt ============================

ahoj
v podstate OK, doporucujem vycistit registre CCleanerom

JaRon píše:ahoj
v podstate OK, doporucujem vycistit registre CCleanerom

Dakujem

za malo