pomalý notebook
Napsal: 17 srp 2017 15:22
Dobrý den včera a předevčírem jsme řešili pomalý notebook, ale dnes po přihlášení na Viry.cz je vše smazáno. Vůbec nevím co se stalo.
Stránka 1 z 3
Re: pomalý notebook
Napsal: 17 srp 2017 16:28
Stalo se to, že se nám při promazávání starých vláken smazalo něco, co nebylo označeno k smazání. Pravděpodobně nějaký bug. Omluvu jsem dal do oranžového rámečku výše. Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 a řekněte, u čeho jsme skončili.
Re: pomalý notebook
Napsal: 17 srp 2017 16:44
Skončili jsme u adwcleaner. Takže jestli dobře chápu začneme znovu.
Re: pomalý notebook
Napsal: 17 srp 2017 16:49
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2017
Ran by Terouš123 (17-08-2017 17:47:47)
Running from C:\Users\Terouš123\Desktop
Windows 8.1 Connected (Update) (X64) (2015-12-25 13:57:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3711724810-2781737708-1749865010-500 - Administrator - Disabled)
Guest (S-1-5-21-3711724810-2781737708-1749865010-501 - Limited - Disabled)
Terouš123 (S-1-5-21-3711724810-2781737708-1749865010-1001 - Administrator - Enabled) => C:\Users\Terouš123
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Code VBA 7.0 (HKLM-x32\...\{8AE205D4-0EA1-45B3-A9EB-478237C60F10}) (Version: 7.0.84 - AGORA Software BV)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 54.0.1 (x64 cs)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A568323-AC11-46D3-9F64-5545DECBA4D7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {4F0075D7-5B3D-4407-9063-CF5DF7218225} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-15] (Adobe Systems Incorporated)
Task: {51DB7C5F-14E3-40C8-B956-351739C0C78F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {532DC333-AD54-48C4-9D58-C381E0636FD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-08-14] (AVAST Software)
Task: {6AA8EB01-EF5C-4AC7-80DA-7147AB25A6F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {72F89EB0-7D62-4DD6-909D-0B3BE277BE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {79751D24-116C-4B05-8CBA-88C54ED2D4EC} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {8BFA2A2D-542E-43BD-9BCF-70EE6FD17FB4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {981CACCC-9BEB-4A48-9A23-AB6641E18B39} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {A9025FAB-1D40-4C7D-8322-69BE9E9C03C0} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {C245A1D5-1095-45C0-B794-20EACF51790A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-15] (AVAST Software)
Task: {C3873BE4-7E86-4752-9861-4EEB56D940B3} - System32\Tasks\SafeZone scheduled Autoupdate 1475857930 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {E79CB3A6-C642-4CE9-96ED-72C2B728E4BD} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Terouš123\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=d9636bd8-dcd5 ... 3d53645731
==================== Loaded Modules (Whitelisted) ==============
2015-12-26 13:48 - 2013-05-14 19:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-11-04 08:16 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-25 15:57 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\18289libfoxloader-x64.dll
2014-11-04 07:35 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-04 08:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2017-01-22 10:40 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-01-22 10:40 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-12-21 19:49 - 2016-12-21 19:49 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-04 08:23 - 2014-11-04 08:22 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-12-26 12:22 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2015-12-26 12:22 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2015-12-26 12:22 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2015-12-26 12:22 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2015-12-26 12:22 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-01-22 10:40 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\29831libfoxloader.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-22 10:40 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-12-30 15:28 - 2013-10-12 09:12 - 000985088 _____ () C:\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{67863E9F-FD6A-4D4C-BD4B-D49A63A03797}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{82406636-42CA-48DA-B448-A19B6910E1EF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{9C0D92B4-7659-47EE-87AA-A5CC1B42493E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D091BB83-1CAE-409C-AAB1-E956AA0A0F72}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F23A941D-F32D-4507-97A9-FCAF2E3C774B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9C63D51E-398A-4BEF-850B-DBBFF2671FEC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E477C070-A33A-46A0-93B6-32C7C2BBFE4A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{11A2817F-8089-43A6-A997-57C20D38E98B}] => (Allow) LPort=55100
FirewallRules: [{FAF5832C-04CF-4A8A-B7CE-A9EEFC27525B}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [TCP Query User{EE9705FF-52E4-45D0-B380-5160FBFA7B48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{322293DC-3D11-4E0A-BC4C-E1887B481594}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{615D823A-D202-46B2-94B6-A45E3B77780C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46196564-D67E-47F9-A628-56E4A586CE6D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F578AA6-7676-4548-9842-BABF9E8C1E20}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{0EC8597D-96C5-41EF-8AC3-BFE56A1F0362}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{89E30DE7-5DE7-4FB5-9769-D76EE3F02A6F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
21-06-2017 21:59:13 Windows Update
16-08-2017 16:40:52 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/17/2017 04:11:31 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 07:04:55 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Název chybujícího modulu: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001064a
ID chybujícího procesu: 0x7a8
Čas spuštění chybující aplikace: 0x01d316a7418aeccb
Cesta k chybující aplikaci: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Cesta k chybujícímu modulu: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
ID zprávy: e70d1847-829a-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/16/2017 05:51:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6b0
Čas spuštění chybující aplikace: 0x01d316a3e2772bc2
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 6a0876f9-8297-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:53:01 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/15/2017 07:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MRT.exe, verze: 5.47.13703.0, časové razítko: 0x58dec9f9
Název chybujícího modulu: combase.dll, verze: 6.3.9600.18666, časové razítko: 0x58f3203f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003b3bf
ID chybujícího procesu: 0x10dc
Čas spuštění chybující aplikace: 0x01d315ef042a8879
Cesta k chybující aplikaci: C:\Windows\System32\MRT.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\combase.dll
ID zprávy: 7bc88a4e-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6a8
Čas spuštění chybující aplikace: 0x01d315ee9674517b
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 1fc8d329-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x68c
Čas spuštění chybující aplikace: 0x01d315ec64a5250f
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: ec3eb88a-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 17.0.0.0, časové razítko: 0x52d9e32d
Název chybujícího modulu: MurocApi.dll, verze: 17.0.0.0, časové razítko: 0x52d9e279
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002bd48
ID chybujícího procesu: 0x8f8
Čas spuštění chybující aplikace: 0x01d315ec6889c80f
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: d41761d2-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:57:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LUService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2015-12-25 14:20:05.007
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\VDWFP64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3979.21 MB
Available physical RAM: 1889.32 MB
Total Virtual: 4811.21 MB
Available Virtual: 2575.39 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:350.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 662C5828)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Terouš123 (17-08-2017 17:47:47)
Running from C:\Users\Terouš123\Desktop
Windows 8.1 Connected (Update) (X64) (2015-12-25 13:57:28)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3711724810-2781737708-1749865010-500 - Administrator - Disabled)
Guest (S-1-5-21-3711724810-2781737708-1749865010-501 - Limited - Disabled)
Terouš123 (S-1-5-21-3711724810-2781737708-1749865010-1001 - Administrator - Enabled) => C:\Users\Terouš123
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG2400 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2400_series) (Version: 1.02 - Canon Inc.)
Canon MG2400 series On-screen Manual (HKLM-x32\...\Canon MG2400 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.26 - Piriform)
Code VBA 7.0 (HKLM-x32\...\{8AE205D4-0EA1-45B3-A9EB-478237C60F10}) (Version: 7.0.84 - AGORA Software BV)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.90 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{2f4d8103-e601-4d48-b81d-d508d760aaba}) (Version: 17.0.3 - Intel Corporation)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1321.0_WHQL - Sonix)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 54.0.1 (x64 cs)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Registrace uživatele zařízení Canon MG2400 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG2400 series) (Version: - Canon Inc.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 4.0.2.1 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers1: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-15] (AVAST Software)
ContextMenuHandlers6: [IobitStartMenu] -> {AF8FA9C9-9907-463e-BDC3-4CC1200D6310} => c:\program files (x86)\iobit\Classic Start\IObitStartMenuExtension.dll [2015-12-29] (IObit)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A568323-AC11-46D3-9F64-5545DECBA4D7} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {4F0075D7-5B3D-4407-9063-CF5DF7218225} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-15] (Adobe Systems Incorporated)
Task: {51DB7C5F-14E3-40C8-B956-351739C0C78F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {532DC333-AD54-48C4-9D58-C381E0636FD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-08-14] (AVAST Software)
Task: {6AA8EB01-EF5C-4AC7-80DA-7147AB25A6F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-12] (Google Inc.)
Task: {72F89EB0-7D62-4DD6-909D-0B3BE277BE46} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-21] (Piriform Ltd)
Task: {79751D24-116C-4B05-8CBA-88C54ED2D4EC} - System32\Tasks\ASC Task (One-Time) => C:\Program Files (x86)\IObit\Advanced SystemCare\XmasPromote.exe
Task: {8BFA2A2D-542E-43BD-9BCF-70EE6FD17FB4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {981CACCC-9BEB-4A48-9A23-AB6641E18B39} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-12-24] (Synaptics Incorporated)
Task: {A9025FAB-1D40-4C7D-8322-69BE9E9C03C0} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {C245A1D5-1095-45C0-B794-20EACF51790A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-15] (AVAST Software)
Task: {C3873BE4-7E86-4752-9861-4EEB56D940B3} - System32\Tasks\SafeZone scheduled Autoupdate 1475857930 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {E79CB3A6-C642-4CE9-96ED-72C2B728E4BD} - System32\Tasks\StartMenu8_Start => C:\program files (x86)\iobit\Classic Start\Start_Active.exe [2016-11-15] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\StartMenu8_Start.job => C:\program files (x86)\iobit\Classic Start\Start_Active.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Terouš123\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.so-v.com/?type=ll&uid=d9636bd8-dcd5 ... 3d53645731
==================== Loaded Modules (Whitelisted) ==============
2015-12-26 13:48 - 2013-05-14 19:50 - 000140936 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-11-04 08:16 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-04 08:23 - 2014-11-04 08:23 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-02-25 15:57 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\18289libfoxloader-x64.dll
2014-11-04 07:35 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2014-11-04 08:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2017-01-22 10:40 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-01-22 10:40 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2016-12-21 19:49 - 2016-12-21 19:49 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-11-04 08:23 - 2014-11-04 08:22 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2015-12-26 12:22 - 2015-12-29 11:30 - 000355616 _____ () C:\program files (x86)\iobit\Classic Start\madExcept_.bpl
2015-12-26 12:22 - 2015-12-29 11:29 - 000190240 _____ () C:\program files (x86)\iobit\Classic Start\madBasic_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000057632 _____ () C:\program files (x86)\iobit\Classic Start\madDisAsm_.bpl
2015-12-26 12:22 - 2015-12-29 11:30 - 000275576 _____ () C:\program files (x86)\iobit\Classic Start\sqlite3.dll
2015-12-26 12:22 - 2015-12-29 11:30 - 000059680 _____ () C:\program files (x86)\iobit\Classic Start\parseAuto.dll
2015-12-26 12:22 - 2016-10-20 09:59 - 000631072 _____ () C:\program files (x86)\iobit\Classic Start\ProductStatistics.dll
2015-12-26 12:22 - 2015-12-29 11:31 - 000047904 _____ () C:\program files (x86)\iobit\Classic Start\winkey.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-01-22 10:40 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\29831libfoxloader.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-08-15 19:42 - 2017-08-15 19:42 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-22 10:40 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2015-12-30 15:28 - 2013-10-12 09:12 - 000985088 _____ () C:\OpenOffice.org 3\program\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 192.169.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{67863E9F-FD6A-4D4C-BD4B-D49A63A03797}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{82406636-42CA-48DA-B448-A19B6910E1EF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{9C0D92B4-7659-47EE-87AA-A5CC1B42493E}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{D091BB83-1CAE-409C-AAB1-E956AA0A0F72}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{F23A941D-F32D-4507-97A9-FCAF2E3C774B}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9C63D51E-398A-4BEF-850B-DBBFF2671FEC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E477C070-A33A-46A0-93B6-32C7C2BBFE4A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{11A2817F-8089-43A6-A997-57C20D38E98B}] => (Allow) LPort=55100
FirewallRules: [{FAF5832C-04CF-4A8A-B7CE-A9EEFC27525B}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [TCP Query User{EE9705FF-52E4-45D0-B380-5160FBFA7B48}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{322293DC-3D11-4E0A-BC4C-E1887B481594}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{615D823A-D202-46B2-94B6-A45E3B77780C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{46196564-D67E-47F9-A628-56E4A586CE6D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3F578AA6-7676-4548-9842-BABF9E8C1E20}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{0EC8597D-96C5-41EF-8AC3-BFE56A1F0362}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{89E30DE7-5DE7-4FB5-9769-D76EE3F02A6F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
==================== Restore Points =========================
21-06-2017 21:59:13 Windows Update
16-08-2017 16:40:52 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/17/2017 04:11:31 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 07:04:55 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Název chybujícího modulu: sznpp_64.exe, verze: 2.1.15.0, časové razítko: 0x59414682
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001064a
ID chybujícího procesu: 0x7a8
Čas spuštění chybující aplikace: 0x01d316a7418aeccb
Cesta k chybující aplikaci: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
Cesta k chybujícímu modulu: C:\Users\TEROU1~1\AppData\Roaming\Seznam.cz\bin\sznpp_64.exe
ID zprávy: e70d1847-829a-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/16/2017 05:51:07 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/16/2017 05:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6b0
Čas spuštění chybující aplikace: 0x01d316a3e2772bc2
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 6a0876f9-8297-11e7-82b1-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:53:01 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Oznámení pro svazek C:\ nejsou aktivní.
Kontext: aplikace Windows
Podrobnosti:
Deník změn svazku je odstraňován. (HRESULT : 0x8007049a) (0x8007049a)
Error: (08/15/2017 07:52:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MRT.exe, verze: 5.47.13703.0, časové razítko: 0x58dec9f9
Název chybujícího modulu: combase.dll, verze: 6.3.9600.18666, časové razítko: 0x58f3203f
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003b3bf
ID chybujícího procesu: 0x10dc
Čas spuštění chybující aplikace: 0x01d315ef042a8879
Cesta k chybující aplikaci: C:\Windows\System32\MRT.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\combase.dll
ID zprávy: 7bc88a4e-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x6a8
Čas spuštění chybující aplikace: 0x01d315ee9674517b
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: 1fc8d329-81e2-11e7-82b0-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:34:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Název chybujícího modulu: desktop173.exe, verze: 1.0.0.10, časové razítko: 0x56e96567
Kód výjimky: 0xc0000409
Posun chyby: 0x00013ce7
ID chybujícího procesu: 0x68c
Čas spuštění chybující aplikace: 0x01d315ec64a5250f
Cesta k chybující aplikaci: C:\ProgramData\desktopfind\desktop173.exe
Cesta k chybujícímu modulu: C:\ProgramData\desktopfind\desktop173.exe
ID zprávy: ec3eb88a-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/15/2017 07:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ZeroConfigService.exe, verze: 17.0.0.0, časové razítko: 0x52d9e32d
Název chybujícího modulu: MurocApi.dll, verze: 17.0.0.0, časové razítko: 0x52d9e279
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002bd48
ID chybujícího procesu: 0x8f8
Čas spuštění chybující aplikace: 0x01d315ec6889c80f
Cesta k chybující aplikaci: C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
Cesta k chybujícímu modulu: C:\Program Files\Intel\WiFi\bin\MurocApi.dll
ID zprávy: d41761d2-81df-11e7-82af-d07e352270ad
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (08/17/2017 04:08:39 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Windows Presentation Foundation Font Cache 3.0.0.0 bylo dosaženo časového limitu (30000 ms).
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:59:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:57:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\windows\System32\IWMSSvc.dll
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth OBEX Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba LUService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SMService byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (08/16/2017 06:55:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Registry Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2015-12-25 14:20:05.007
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\VDWFP64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 52%
Total physical RAM: 3979.21 MB
Available physical RAM: 1889.32 MB
Total Virtual: 4811.21 MB
Available Virtual: 2575.39 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.14 GB) (Free:350.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 662C5828)
Partition: GPT.
==================== End of Addition.txt ============================
Re: pomalý notebook
Napsal: 17 srp 2017 16:50
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-08-2017
Ran by Terouš123 (administrator) on TEROUS (17-08-2017 17:45:34)
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-04] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-15] (AVAST Software)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
Startup: C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-12-30]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{850BF180-2DAF-4A02-9F3E-400A2921EAD9}: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{D21874A6-7CC9-4F73-95F2-D1CBF3B5346C}: [DhcpNameServer] 150.206.1.3
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {1A1EA4EB-46C6-4261-B471-C9C2E1FE7464} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=227087&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-12-30] (Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
FireFox:
========
FF ProfilePath: C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 [2017-08-17]
FF Homepage: Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\sp@avast.com.xpi [2017-06-30]
FF Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\wrc@avast.com.xpi [2017-08-17]
FF Extension: (Seznam lištička) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-08-14]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\jnxk3zh6.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-15] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-15] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-12-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default [2017-08-17]
CHR Extension: (Prezentace Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Dokumenty Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Disk Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-17]
CHR Extension: (YouTube) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-11]
CHR Extension: (Tabulky Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-14]
CHR Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-14]
CHR Extension: (Skype) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Gmail) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-17]
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-15] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-15] (AVAST Software)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-04] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-04] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-04] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [317400 2017-02-27] () [File not signed]
R2 SMService; C:\program files (x86)\iobit\Classic Start\SMService.exe [1077536 2017-01-16] (IObit)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-08-15] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-08-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-08-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-08-15] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41800 2017-08-15] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146704 2017-08-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-08-15] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-08-15] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015880 2017-08-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-08-15] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-08-15] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-08-15] (AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\system32\DRIVERS\snp2uvc.sys [2853400 2014-01-24] (Sonix Co. Ltd.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:42 - 2017-08-17 17:42 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
2017-08-17 16:09 - 2017-08-17 16:09 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-16 18:50 - 2017-08-16 18:57 - 000000000 ____D C:\AdwCleaner
2017-08-16 18:50 - 2017-08-16 18:50 - 008185288 _____ (Malwarebytes) C:\Users\Terouš123\Desktop\adwcleaner_7.0.1.0.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-16 16:43 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000987840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000485576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000690008 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2017-08-16 16:23 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-08-16 16:23 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-08-16 16:06 - 2017-08-16 16:16 - 000036772 _____ C:\Users\Terouš123\Desktop\Addition.txt
2017-08-16 16:05 - 2017-07-21 15:40 - 000518144 _____ C:\windows\SysWOW64\msjetoledb40.dll
2017-08-16 16:05 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjtes40.dll
2017-08-16 16:05 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-08-16 16:05 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-08-16 16:05 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-08-16 16:05 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-08-16 16:05 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-08-16 16:05 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-08-16 16:05 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-08-16 16:05 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-08-16 16:05 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-08-16 16:05 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-08-16 16:05 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-08-16 16:05 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-08-16 16:05 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-08-16 16:05 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-08-16 16:05 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2017-08-16 16:05 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-08-16 16:05 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-08-16 16:05 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-08-16 16:05 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2017-08-16 16:05 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrepl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstext40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msltus40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjint40.dll
2017-08-16 16:05 - 2017-06-24 18:46 - 000424448 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
2017-08-16 16:05 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-08-16 16:05 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-08-16 16:05 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-08-16 16:05 - 2017-06-13 19:51 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-08-16 16:05 - 2017-06-13 19:23 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 16:17 - 000656384 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 11:09 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-08-16 16:05 - 2017-06-13 10:22 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-08-16 16:05 - 2017-06-13 09:50 - 001547264 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2017-08-16 16:05 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2017-08-16 16:05 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:13 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\umrdp.dll
2017-08-16 16:05 - 2017-06-11 22:11 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2017-08-16 16:05 - 2017-06-11 22:02 - 002778112 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-08-16 16:05 - 2017-06-11 21:52 - 002463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-08-16 16:05 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-08-16 16:05 - 2017-06-09 15:47 - 000448629 _____ C:\windows\system32\ApnDatabase.xml
2017-08-16 16:05 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-08-16 16:05 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-08-16 16:05 - 2017-06-08 03:48 - 002457936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-08-16 16:05 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
2017-08-16 16:05 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-08-16 16:05 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2017-08-16 16:05 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
2017-08-16 16:05 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-08-16 16:05 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2017-08-16 16:05 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-08-16 16:05 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-08-16 16:05 - 2017-06-02 14:15 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 14:12 - 000468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-08-16 16:05 - 2017-06-02 14:12 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-08-16 16:05 - 2017-06-02 14:01 - 000774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-08-16 16:05 - 2017-06-02 13:03 - 000903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-08-16 16:05 - 2017-06-02 12:25 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 12:24 - 000391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-08-16 16:05 - 2017-06-02 12:17 - 000699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-08-16 16:05 - 2017-06-02 11:43 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-08-16 16:05 - 2017-05-27 18:42 - 001115136 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-08-16 16:05 - 2017-05-27 18:38 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\rdsdwmdr.dll
2017-08-16 16:05 - 2017-05-14 22:19 - 001364040 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:16 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:13 - 001559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:58 - 001985536 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:48 - 001377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-08-16 16:05 - 2017-05-12 04:18 - 003714560 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-08-16 16:05 - 2017-05-12 01:36 - 022361848 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-08-16 16:05 - 2017-05-12 01:32 - 019788672 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-08-16 16:05 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2017-08-16 16:05 - 2017-05-06 18:05 - 001094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-08-16 16:05 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-08-16 16:05 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-08-16 16:05 - 2017-04-06 18:46 - 000434688 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-08-16 16:05 - 2017-04-06 18:35 - 001362432 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-08-16 16:05 - 2017-04-06 18:15 - 000358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-08-16 16:04 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-08-16 16:04 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-08-16 16:04 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-08-16 16:04 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-08-16 16:04 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-08-16 16:04 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
2017-08-16 16:04 - 2017-07-06 10:52 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2017-08-16 16:04 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswdat10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswstr10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjter40.dll
2017-08-16 16:04 - 2017-06-24 18:16 - 000352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
2017-08-16 16:04 - 2017-06-13 19:19 - 000383488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlansec.dll
2017-08-16 16:04 - 2017-06-13 19:16 - 000024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 19:11 - 000238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 19:07 - 000304128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2017-08-16 16:04 - 2017-06-13 16:16 - 000252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-08-16 16:04 - 2017-06-13 11:47 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2017-08-16 16:04 - 2017-06-13 10:16 - 000445952 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2017-08-16 16:04 - 2017-06-13 10:10 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 10:07 - 000301568 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2017-08-16 16:04 - 2017-06-13 10:03 - 000302080 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 09:54 - 000374272 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2017-08-16 16:04 - 2017-06-12 02:14 - 000276320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-08-16 16:04 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2017-08-16 16:04 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2017-08-16 16:04 - 2017-06-11 22:02 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2017-08-16 16:04 - 2017-06-07 06:25 - 000428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-08-16 16:04 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\windows\system32\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\uudf.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\convert.exe
2017-08-16 16:04 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\windows\system32\ulib.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\windows\system32\ufat.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\uexfat.dll
2017-08-16 16:04 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\uudf.dll
2017-08-16 16:04 - 2017-06-06 20:38 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-08-16 16:04 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ulib.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ufat.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\uexfat.dll
2017-08-16 16:04 - 2017-06-06 19:44 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-08-16 16:04 - 2017-06-02 14:06 - 001001984 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-08-16 16:04 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-08-16 16:04 - 2017-05-16 00:09 - 000057688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2017-08-16 16:04 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-08-16 16:04 - 2017-05-15 21:58 - 000121184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-08-16 16:04 - 2017-05-14 21:04 - 000315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-08-16 16:04 - 2017-05-14 21:03 - 000373080 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-08-16 16:04 - 2017-05-14 20:13 - 000136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-08-16 16:04 - 2017-05-12 19:05 - 000035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-08-16 16:04 - 2017-05-12 17:51 - 000029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-08-16 16:04 - 2017-05-12 17:50 - 000124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 17:48 - 000081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-08-16 16:04 - 2017-05-12 17:47 - 000726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-08-16 16:04 - 2017-05-12 06:10 - 000044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-08-16 16:04 - 2017-05-12 04:11 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-08-16 16:04 - 2017-05-12 04:10 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 04:07 - 000409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2017-08-16 16:04 - 2017-05-12 04:06 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-08-16 16:04 - 2017-05-12 04:04 - 000897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-08-16 16:04 - 2017-05-12 04:00 - 002240512 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-08-16 16:04 - 2017-05-10 20:19 - 000101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-08-16 16:04 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\windows\system32\snmptrap.exe
2017-08-16 16:04 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\windows\system32\DAFWSD.dll
2017-08-16 16:04 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
2017-08-16 16:04 - 2017-05-06 18:04 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-08-16 16:04 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-08-16 16:04 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\windows\system32\smbwmiv2.dll
2017-08-16 16:04 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2017-08-16 16:04 - 2017-04-30 18:48 - 000080078 _____ C:\windows\system32\normidna.nls
2017-08-16 16:04 - 2017-04-06 19:16 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2017-08-16 16:04 - 2017-04-06 17:44 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2017-08-16 16:04 - 2017-04-02 16:49 - 000186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-08-16 16:01 - 2017-08-17 17:46 - 000021904 _____ C:\Users\Terouš123\Desktop\FRST.txt
2017-08-16 16:00 - 2017-08-17 17:45 - 000000000 ____D C:\FRST
2017-08-16 15:58 - 2017-08-16 15:59 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64.exe
2017-08-15 19:43 - 2017-08-15 19:43 - 000400464 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-08-15 19:36 - 2017-08-15 19:36 - 021540440 _____ (Malwarebytes Corporation ) C:\Users\Terouš123\Downloads\mbam-setup-2.1.4.1018.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:02 - 2016-11-19 21:54 - 000000000 ____D C:\Users\Terouš123\AppData\LocalLow\Mozilla
2017-08-17 16:32 - 2015-12-25 16:05 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3711724810-2781737708-1749865010-1001
2017-08-17 16:17 - 2015-12-25 16:06 - 000003978 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{DBBDB273-5971-4326-B3B7-80ACE8186A1C}
2017-08-17 16:14 - 2017-01-22 10:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\Seznam.cz
2017-08-17 16:14 - 2015-12-26 13:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-08-17 16:07 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-08-16 19:51 - 2014-11-04 08:23 - 000004608 _____ C:\windows\system32\VfService.trf
2017-08-16 19:50 - 2017-06-30 14:23 - 000000248 _____ C:\windows\Tasks\StartMenu8_Start.job
2017-08-16 19:44 - 2017-04-19 23:46 - 000000000 ____D C:\Users\Terouš123\AppData\Local\ElevatedDiagnostics
2017-08-16 19:12 - 2014-11-04 07:43 - 000000000 ____D C:\Program Files (x86)\Lenovo
2017-08-16 19:11 - 2015-12-25 16:07 - 000001283 _____ C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2017-08-16 19:06 - 2014-11-04 08:07 - 000740822 _____ C:\windows\system32\perfh005.dat
2017-08-16 19:06 - 2014-11-04 08:07 - 000151948 _____ C:\windows\system32\perfc005.dat
2017-08-16 19:06 - 2014-03-18 11:53 - 001748728 _____ C:\windows\system32\PerfStringBackup.INI
2017-08-16 19:06 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-08-16 18:57 - 2015-12-25 15:40 - 000000000 ____D C:\ProgramData\IObit
2017-08-16 18:55 - 2015-12-25 15:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\IObit
2017-08-16 17:43 - 2017-03-27 11:30 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-16 17:43 - 2016-10-07 18:32 - 000003888 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1475857930
2017-08-16 17:25 - 2013-08-22 16:44 - 000494464 _____ C:\windows\system32\FNTCACHE.DAT
2017-08-16 17:20 - 2016-01-31 23:11 - 000000000 ____D C:\windows\system32\appraiser
2017-08-16 17:20 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-08-16 17:12 - 2015-12-25 15:58 - 000000000 ____D C:\Users\Terouš123\AppData\Local\Packages
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-08-16 17:08 - 2013-08-22 15:25 - 000000167 _____ C:\windows\win.ini
2017-08-16 17:06 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-08-16 16:58 - 2015-12-27 15:45 - 000000000 ____D C:\windows\system32\MRT
2017-08-16 16:52 - 2015-12-27 15:45 - 140394280 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-08-16 16:18 - 2017-04-11 19:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-16 16:18 - 2017-04-11 19:35 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-15 19:46 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-08-15 19:44 - 2017-02-11 12:06 - 000003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-08-15 19:44 - 2015-12-25 16:22 - 001015880 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146704 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146696 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906668707
2017-08-15 19:43 - 2015-12-25 16:22 - 000585608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000361336 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000198768 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906106203
2017-08-15 19:43 - 2015-12-25 16:22 - 000110352 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000084392 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000046984 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-08-15 19:43 - 2015-12-25 16:20 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-15 19:42 - 2017-02-11 12:06 - 000343288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000320008 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000198976 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000057728 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys
2017-08-15 19:42 - 2016-10-02 12:50 - 000041800 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-08-15 19:42 - 2015-12-25 23:15 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-08-15 19:42 - 2015-12-25 16:22 - 001015848 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.150281906668707
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-08-15 19:37 - 2015-12-25 15:39 - 000000000 ____D C:\ProgramData\ProductData
2017-08-15 19:30 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-15 19:21 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Files in the root of some directories =======
2014-11-04 07:35 - 2014-11-04 07:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-08-16 19:12 - 2017-08-16 19:12 - 000000086 _____ () C:\ProgramData\log_for_LU.txt
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-16 16:40
==================== End of FRST.txt ============================
Ran by Terouš123 (administrator) on TEROUS (17-08-2017 17:45:34)
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Platform: Windows 8.1 Connected (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\SMService.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\ClassicStart.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\StartMenu_Hook.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(IObit) C:\Program Files (x86)\IObit\Classic Start\InstallServices.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(OpenOffice.org) C:\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-04] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2014-11-04] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-15] (AVAST Software)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Terouš123\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9292504 2016-12-21] (Piriform Ltd)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
Startup: C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2015-12-30]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicy: Restriction - Chrome <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{850BF180-2DAF-4A02-9F3E-400A2921EAD9}: [DhcpNameServer] 192.169.1.254
Tcpip\..\Interfaces\{D21874A6-7CC9-4F73-95F2-D1CBF3B5346C}: [DhcpNameServer] 150.206.1.3
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {1A1EA4EB-46C6-4261-B471-C9C2E1FE7464} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=227087&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-15] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-15] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2015-12-30] (Sun Microsystems, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
FireFox:
========
FF ProfilePath: C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 [2017-08-17]
FF Homepage: Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522 -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\sp@avast.com.xpi [2017-06-30]
FF Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\wrc@avast.com.xpi [2017-08-17]
FF Extension: (Seznam lištička) - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\v7rprzqo.default-1485073331522\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-08-14]
FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Terouš123\AppData\Roaming\Mozilla\Firefox\Profiles\jnxk3zh6.default\extensions\deskCutv2@gmail.com => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-15] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-15] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-12-30] (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-07] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Profile: C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default [2017-08-17]
CHR Extension: (Prezentace Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-11]
CHR Extension: (Dokumenty Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-11]
CHR Extension: (Disk Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-11]
CHR Extension: (Seznam Lištička - Email) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-08-17]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-08-17]
CHR Extension: (YouTube) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-11]
CHR Extension: (Avast SafePrice) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-04-11]
CHR Extension: (Tabulky Google) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-14]
CHR Extension: (Avast Online Security) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-14]
CHR Extension: (Skype) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-11]
CHR Extension: (Gmail) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-11]
CHR Extension: (Chrome Media Router) - C:\Users\Terouš123\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-17]
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-15] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-15] (AVAST Software)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130008 2014-01-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-04] (Lenovo(beijing) Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-18] ()
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-04] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-11-04] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S2 SkypeUpdate; C:\Program Files (x86)\Skype\Updater\Updater.exe [317400 2017-02-27] () [File not signed]
R2 SMService; C:\program files (x86)\iobit\Classic Start\SMService.exe [1077536 2017-01-16] (IObit)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-18] (Intel® Corporation)
S2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\windows\system32\drivers\aswbidsha.sys [198976 2017-08-15] (AVAST Software s.r.o.)
R0 aswblog; C:\windows\system32\drivers\aswbloga.sys [343288 2017-08-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\windows\system32\drivers\aswbuniva.sys [57728 2017-08-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\windows\system32\drivers\aswHwid.sys [46984 2017-08-15] (AVAST Software)
R1 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41800 2017-08-15] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [146704 2017-08-15] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [110352 2017-08-15] (AVAST Software)
R0 aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [84392 2017-08-15] (AVAST Software)
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1015880 2017-08-15] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [585608 2017-08-15] (AVAST Software)
R2 aswStm; C:\windows\system32\drivers\aswStm.sys [198768 2017-08-15] (AVAST Software)
R0 aswVmm; C:\windows\system32\drivers\aswVmm.sys [361336 2017-08-15] (AVAST Software)
R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R0 MBI; C:\windows\System32\drivers\MBI.sys [29464 2013-10-10] (Intel Corporation)
R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3443680 2014-06-01] (Intel Corporation)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated)
R3 SNP2UVC; C:\windows\system32\DRIVERS\snp2uvc.sys [2853400 2014-01-24] (Sonix Co. Ltd.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [88592 2014-01-16] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:42 - 2017-08-17 17:42 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64(1).exe
2017-08-17 16:09 - 2017-08-17 16:09 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-16 18:50 - 2017-08-16 18:57 - 000000000 ____D C:\AdwCleaner
2017-08-16 18:50 - 2017-08-16 18:50 - 008185288 _____ (Malwarebytes) C:\Users\Terouš123\Desktop\adwcleaner_7.0.1.0.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2017-08-16 17:26 - 2017-07-29 02:03 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-16 16:43 - 2017-04-21 23:50 - 000030912 _____ (Microsoft Corporation) C:\windows\system32\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000029376 _____ (Microsoft Corporation) C:\windows\SysWOW64\aspnet_counters.dll
2017-08-16 16:42 - 2017-04-21 23:53 - 000018600 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-21 23:50 - 000018592 _____ (Microsoft Corporation) C:\windows\system32\msvcr100_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000987840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-04-11 20:27 - 000485576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvcp120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000993632 _____ (Microsoft Corporation) C:\windows\system32\msvcr120_clr0400.dll
2017-08-16 16:42 - 2017-03-15 20:15 - 000690008 _____ (Microsoft Corporation) C:\windows\system32\msvcp120_clr0400.dll
2017-08-16 16:23 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2017-08-16 16:23 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2017-08-16 16:23 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2017-08-16 16:06 - 2017-08-16 16:16 - 000036772 _____ C:\Users\Terouš123\Desktop\Addition.txt
2017-08-16 16:05 - 2017-07-21 15:40 - 000518144 _____ C:\windows\SysWOW64\msjetoledb40.dll
2017-08-16 16:05 - 2017-07-21 15:40 - 000290816 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjtes40.dll
2017-08-16 16:05 - 2017-07-14 08:49 - 025733632 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2017-08-16 16:05 - 2017-07-14 08:44 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2017-08-16 16:05 - 2017-07-14 08:19 - 000817664 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2017-08-16 16:05 - 2017-07-14 07:35 - 005981184 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2017-08-16 16:05 - 2017-07-14 07:26 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 07:10 - 000806912 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 06:40 - 015254016 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2017-08-16 16:05 - 2017-07-14 06:23 - 003240960 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2017-08-16 16:05 - 2017-07-14 06:07 - 001545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2017-08-16 16:05 - 2017-07-14 05:58 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2017-08-16 16:05 - 2017-07-14 04:54 - 020270080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2017-08-16 16:05 - 2017-07-14 04:48 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2017-08-16 16:05 - 2017-07-14 04:38 - 000663552 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 004546048 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2017-08-16 16:05 - 2017-07-14 04:17 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2017-08-16 16:05 - 2017-07-14 04:12 - 000693248 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2017-08-16 16:05 - 2017-07-14 04:09 - 013663744 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2017-08-16 16:05 - 2017-07-14 03:53 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2017-08-16 16:05 - 2017-07-14 03:50 - 001314816 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2017-08-16 16:05 - 2017-07-14 03:48 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2017-08-16 16:05 - 2017-07-08 22:14 - 000376672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2017-08-16 16:05 - 2017-07-08 21:12 - 004169728 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2017-08-16 16:05 - 2017-07-08 19:45 - 007078912 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 19:05 - 003631616 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2017-08-16 16:05 - 2017-07-08 18:39 - 005274624 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll
2017-08-16 16:05 - 2017-07-08 18:37 - 007797248 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 18:23 - 002749952 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2017-08-16 16:05 - 2017-07-08 17:59 - 005270016 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2017-08-16 16:05 - 2017-07-08 05:16 - 007440728 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001674520 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001534072 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 001499920 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2017-08-16 16:05 - 2017-07-08 05:16 - 001370328 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2017-08-16 16:05 - 2017-07-08 05:16 - 000086360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2017-08-16 16:05 - 2017-07-01 15:47 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000616448 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrepl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000343552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000310272 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd2x40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstext40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000240640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msltus40.dll
2017-08-16 16:05 - 2017-07-01 15:47 - 000144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjint40.dll
2017-08-16 16:05 - 2017-06-24 18:46 - 000424448 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
2017-08-16 16:05 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2017-08-16 16:05 - 2017-06-15 16:17 - 002551808 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2017-08-16 16:05 - 2017-06-15 16:16 - 001920000 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2017-08-16 16:05 - 2017-06-13 19:51 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2017-08-16 16:05 - 2017-06-13 19:23 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 16:17 - 000656384 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2017-08-16 16:05 - 2017-06-13 11:09 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2017-08-16 16:05 - 2017-06-13 10:22 - 001436160 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2017-08-16 16:05 - 2017-06-13 09:50 - 001547264 _____ (Microsoft Corporation) C:\windows\system32\wlansvc.dll
2017-08-16 16:05 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
2017-08-16 16:05 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2017-08-16 16:05 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2017-08-16 16:05 - 2017-06-11 22:13 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\umrdp.dll
2017-08-16 16:05 - 2017-06-11 22:11 - 000346112 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
2017-08-16 16:05 - 2017-06-11 22:02 - 002778112 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2017-08-16 16:05 - 2017-06-11 21:52 - 002463744 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2017-08-16 16:05 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2017-08-16 16:05 - 2017-06-09 15:47 - 000448629 _____ C:\windows\system32\ApnDatabase.xml
2017-08-16 16:05 - 2017-06-08 19:01 - 001737600 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2017-08-16 16:05 - 2017-06-08 19:01 - 001502000 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2017-08-16 16:05 - 2017-06-08 03:48 - 002457936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2017-08-16 16:05 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
2017-08-16 16:05 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\windows\system32\uReFS.dll
2017-08-16 16:05 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2017-08-16 16:05 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2017-08-16 16:05 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
2017-08-16 16:05 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\windows\SysWOW64\uReFS.dll
2017-08-16 16:05 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2017-08-16 16:05 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2017-08-16 16:05 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2017-08-16 16:05 - 2017-06-02 14:15 - 000337408 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 14:12 - 000468992 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2017-08-16 16:05 - 2017-06-02 14:12 - 000248832 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2017-08-16 16:05 - 2017-06-02 14:01 - 000774144 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2017-08-16 16:05 - 2017-06-02 13:03 - 000903168 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2017-08-16 16:05 - 2017-06-02 12:25 - 000272896 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2017-08-16 16:05 - 2017-06-02 12:24 - 000391680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2017-08-16 16:05 - 2017-06-02 12:17 - 000699392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2017-08-16 16:05 - 2017-06-02 11:43 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2017-08-16 16:05 - 2017-05-27 18:42 - 001115136 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2017-08-16 16:05 - 2017-05-27 18:38 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\rdsdwmdr.dll
2017-08-16 16:05 - 2017-05-14 22:19 - 001364040 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:16 - 001084928 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2017-08-16 16:05 - 2017-05-12 18:13 - 001559552 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:58 - 001985536 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2017-08-16 16:05 - 2017-05-12 04:48 - 001377792 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
2017-08-16 16:05 - 2017-05-12 04:18 - 003714560 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2017-08-16 16:05 - 2017-05-12 01:36 - 022361848 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2017-08-16 16:05 - 2017-05-12 01:32 - 019788672 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2017-08-16 16:05 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2017-08-16 16:05 - 2017-05-06 18:05 - 001094656 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2017-08-16 16:05 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2017-08-16 16:05 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2017-08-16 16:05 - 2017-04-06 18:46 - 000434688 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2017-08-16 16:05 - 2017-04-06 18:35 - 001362432 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
2017-08-16 16:05 - 2017-04-06 18:15 - 000358912 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2017-08-16 16:04 - 2017-08-02 05:17 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
2017-08-16 16:04 - 2017-07-15 12:10 - 000536688 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2017-08-16 16:04 - 2017-07-15 12:10 - 000140016 _____ (Microsoft Corporation) C:\windows\system32\wermgr.exe
2017-08-16 16:04 - 2017-07-15 12:06 - 000449840 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2017-08-16 16:04 - 2017-07-15 12:06 - 000136832 _____ (Microsoft Corporation) C:\windows\SysWOW64\wermgr.exe
2017-08-16 16:04 - 2017-07-14 22:08 - 000037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-14 20:44 - 000033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\werdiagcontroller.dll
2017-08-16 16:04 - 2017-07-08 05:46 - 000377688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
2017-08-16 16:04 - 2017-07-06 10:52 - 000119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthpan.sys
2017-08-16 16:04 - 2017-07-01 15:47 - 000866816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswdat10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000641536 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswstr10.dll
2017-08-16 16:04 - 2017-07-01 15:47 - 000083968 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjter40.dll
2017-08-16 16:04 - 2017-06-24 18:16 - 000352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
2017-08-16 16:04 - 2017-06-13 19:19 - 000383488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlansec.dll
2017-08-16 16:04 - 2017-06-13 19:16 - 000024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 19:11 - 000238080 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 19:07 - 000304128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
2017-08-16 16:04 - 2017-06-13 16:16 - 000252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2017-08-16 16:04 - 2017-06-13 11:47 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\nwifi.sys
2017-08-16 16:04 - 2017-06-13 10:16 - 000445952 _____ (Microsoft Corporation) C:\windows\system32\wlansec.dll
2017-08-16 16:04 - 2017-06-13 10:10 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\wfdprov.dll
2017-08-16 16:04 - 2017-06-13 10:07 - 000301568 _____ (Microsoft Corporation) C:\windows\system32\ProximityService.dll
2017-08-16 16:04 - 2017-06-13 10:03 - 000302080 _____ (Microsoft Corporation) C:\windows\system32\wlanapi.dll
2017-08-16 16:04 - 2017-06-13 09:54 - 000374272 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
2017-08-16 16:04 - 2017-06-12 02:14 - 000276320 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2017-08-16 16:04 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
2017-08-16 16:04 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
2017-08-16 16:04 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
2017-08-16 16:04 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
2017-08-16 16:04 - 2017-06-11 22:02 - 000299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
2017-08-16 16:04 - 2017-06-07 06:25 - 000428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2017-08-16 16:04 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\windows\system32\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\windows\system32\uudf.dll
2017-08-16 16:04 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\convert.exe
2017-08-16 16:04 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\windows\system32\ulib.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\windows\system32\ufat.dll
2017-08-16 16:04 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\uexfat.dll
2017-08-16 16:04 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cnvfat.dll
2017-08-16 16:04 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\uudf.dll
2017-08-16 16:04 - 2017-06-06 20:38 - 000607232 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
2017-08-16 16:04 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\ulib.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ufat.dll
2017-08-16 16:04 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\windows\SysWOW64\uexfat.dll
2017-08-16 16:04 - 2017-06-06 19:44 - 000530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
2017-08-16 16:04 - 2017-06-02 14:06 - 001001984 _____ (Microsoft Corporation) C:\windows\HelpPane.exe
2017-08-16 16:04 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2017-08-16 16:04 - 2017-05-16 00:09 - 000057688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\stornvme.sys
2017-08-16 16:04 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2017-08-16 16:04 - 2017-05-15 21:58 - 000121184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2017-08-16 16:04 - 2017-05-14 21:04 - 000315224 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2017-08-16 16:04 - 2017-05-14 21:03 - 000373080 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2017-08-16 16:04 - 2017-05-14 20:13 - 000136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2017-08-16 16:04 - 2017-05-12 19:05 - 000035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2017-08-16 16:04 - 2017-05-12 17:51 - 000029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2017-08-16 16:04 - 2017-05-12 17:50 - 000124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 17:48 - 000081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2017-08-16 16:04 - 2017-05-12 17:47 - 000726528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2017-08-16 16:04 - 2017-05-12 06:10 - 000044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2017-08-16 16:04 - 2017-05-12 04:11 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2017-08-16 16:04 - 2017-05-12 04:10 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2017-08-16 16:04 - 2017-05-12 04:07 - 000409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2017-08-16 16:04 - 2017-05-12 04:06 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2017-08-16 16:04 - 2017-05-12 04:04 - 000897024 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2017-08-16 16:04 - 2017-05-12 04:00 - 002240512 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2017-08-16 16:04 - 2017-05-10 20:19 - 000101720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2017-08-16 16:04 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
2017-08-16 16:04 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\windows\system32\snmptrap.exe
2017-08-16 16:04 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\windows\system32\DAFWSD.dll
2017-08-16 16:04 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
2017-08-16 16:04 - 2017-05-06 18:04 - 000865792 _____ (Microsoft Corporation) C:\windows\system32\win32spl.dll
2017-08-16 16:04 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2017-08-16 16:04 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2017-08-16 16:04 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
2017-08-16 16:04 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\windows\system32\smbwmiv2.dll
2017-08-16 16:04 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
2017-08-16 16:04 - 2017-04-30 18:48 - 000080078 _____ C:\windows\system32\normidna.nls
2017-08-16 16:04 - 2017-04-06 19:16 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
2017-08-16 16:04 - 2017-04-06 17:44 - 000087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2017-08-16 16:04 - 2017-04-02 16:49 - 000186880 _____ (Microsoft Corporation) C:\windows\system32\dpapisrv.dll
2017-08-16 16:01 - 2017-08-17 17:46 - 000021904 _____ C:\Users\Terouš123\Desktop\FRST.txt
2017-08-16 16:00 - 2017-08-17 17:45 - 000000000 ____D C:\FRST
2017-08-16 15:58 - 2017-08-16 15:59 - 002395648 _____ (Farbar) C:\Users\Terouš123\Desktop\FRST64.exe
2017-08-15 19:43 - 2017-08-15 19:43 - 000400464 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2017-08-15 19:36 - 2017-08-15 19:36 - 021540440 _____ (Malwarebytes Corporation ) C:\Users\Terouš123\Downloads\mbam-setup-2.1.4.1018.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-17 17:02 - 2016-11-19 21:54 - 000000000 ____D C:\Users\Terouš123\AppData\LocalLow\Mozilla
2017-08-17 16:32 - 2015-12-25 16:05 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3711724810-2781737708-1749865010-1001
2017-08-17 16:17 - 2015-12-25 16:06 - 000003978 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{DBBDB273-5971-4326-B3B7-80ACE8186A1C}
2017-08-17 16:14 - 2017-01-22 10:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\Seznam.cz
2017-08-17 16:14 - 2015-12-26 13:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2017-08-17 16:07 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2017-08-16 19:51 - 2014-11-04 08:23 - 000004608 _____ C:\windows\system32\VfService.trf
2017-08-16 19:50 - 2017-06-30 14:23 - 000000248 _____ C:\windows\Tasks\StartMenu8_Start.job
2017-08-16 19:44 - 2017-04-19 23:46 - 000000000 ____D C:\Users\Terouš123\AppData\Local\ElevatedDiagnostics
2017-08-16 19:12 - 2014-11-04 07:43 - 000000000 ____D C:\Program Files (x86)\Lenovo
2017-08-16 19:11 - 2015-12-25 16:07 - 000001283 _____ C:\Users\Terouš123\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2017-08-16 19:06 - 2014-11-04 08:07 - 000740822 _____ C:\windows\system32\perfh005.dat
2017-08-16 19:06 - 2014-11-04 08:07 - 000151948 _____ C:\windows\system32\perfc005.dat
2017-08-16 19:06 - 2014-03-18 11:53 - 001748728 _____ C:\windows\system32\PerfStringBackup.INI
2017-08-16 19:06 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2017-08-16 18:57 - 2015-12-25 15:40 - 000000000 ____D C:\ProgramData\IObit
2017-08-16 18:55 - 2015-12-25 15:40 - 000000000 ____D C:\Users\Terouš123\AppData\Roaming\IObit
2017-08-16 17:43 - 2017-03-27 11:30 - 000001070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-16 17:43 - 2016-10-07 18:32 - 000003888 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1475857930
2017-08-16 17:25 - 2013-08-22 16:44 - 000494464 _____ C:\windows\system32\FNTCACHE.DAT
2017-08-16 17:20 - 2016-01-31 23:11 - 000000000 ____D C:\windows\system32\appraiser
2017-08-16 17:20 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2017-08-16 17:12 - 2015-12-25 15:58 - 000000000 ____D C:\Users\Terouš123\AppData\Local\Packages
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-16 17:12 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2017-08-16 17:08 - 2013-08-22 15:25 - 000000167 _____ C:\windows\win.ini
2017-08-16 17:06 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2017-08-16 16:58 - 2015-12-27 15:45 - 000000000 ____D C:\windows\system32\MRT
2017-08-16 16:52 - 2015-12-27 15:45 - 140394280 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2017-08-16 16:18 - 2017-04-11 19:35 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-16 16:18 - 2017-04-11 19:35 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-15 19:46 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2017-08-15 19:44 - 2017-02-11 12:06 - 000003914 _____ C:\windows\System32\Tasks\Avast Emergency Update
2017-08-15 19:44 - 2015-12-25 16:22 - 001015880 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146704 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys
2017-08-15 19:44 - 2015-12-25 16:22 - 000146696 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906668707
2017-08-15 19:43 - 2015-12-25 16:22 - 000585608 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000361336 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000198768 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000146664 _____ (AVAST Software) C:\windows\system32\Drivers\aswmonflt.sys.150281906106203
2017-08-15 19:43 - 2015-12-25 16:22 - 000110352 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000084392 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2017-08-15 19:43 - 2015-12-25 16:22 - 000046984 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2017-08-15 19:43 - 2015-12-25 16:20 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-15 19:42 - 2017-02-11 12:06 - 000343288 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbloga.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000320008 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsdrivera.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000198976 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbidsha.sys
2017-08-15 19:42 - 2017-02-11 12:06 - 000057728 _____ (AVAST Software s.r.o.) C:\windows\system32\Drivers\aswbuniva.sys
2017-08-15 19:42 - 2016-10-02 12:50 - 000041800 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2017-08-15 19:42 - 2015-12-25 23:15 - 000004372 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2017-08-15 19:42 - 2015-12-25 16:22 - 001015848 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.150281906668707
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed
2017-08-15 19:42 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed
2017-08-15 19:37 - 2015-12-25 15:39 - 000000000 ____D C:\ProgramData\ProductData
2017-08-15 19:30 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-15 19:21 - 2017-01-22 10:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== Files in the root of some directories =======
2014-11-04 07:35 - 2014-11-04 07:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-08-16 19:12 - 2017-08-16 19:12 - 000000086 _____ () C:\ProgramData\log_for_LU.txt
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-16 16:40
==================== End of FRST.txt ============================
Re: pomalý notebook
Napsal: 17 srp 2017 17:59
OK, dík za připomenutí. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
C:\windows\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
Re: pomalý notebook
Napsal: 17 srp 2017 18:21
Fix result of Farbar Recovery Scan Tool (x64) Version: 16-08-2017
Ran by Terouš123 (17-08-2017 19:13:59) Run:1
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
C:\windows\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5375676-c050-11e5-8275-d07e352270ad} => key removed successfully
HKLM\Software\Classes\CLSID\{b5375676-c050-11e5-8275-d07e352270ad} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key removed successfully
HKLM\Software\Classes\CLSID\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key not found.
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
=========== EmptyTemp: ==========
BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7529789 B
Java, Flash, Steam htmlcache => 540 B
Windows/system/drivers => 69277789 B
Edge => 0 B
Chrome => 17643853 B
Firefox => 217072956 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1265898 B
systemprofile32 => 1006953 B
LocalService => 7936 B
NetworkService => 0 B
Terouš123 => 38159217 B
RecycleBin => 21542658 B
EmptyTemp: => 368.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:15:05 ====
Ran by Terouš123 (17-08-2017 19:13:59) Run:1
Running from C:\Users\Terouš123\Desktop
Loaded Profiles: Terouš123 (Available Profiles: Terouš123)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\...\MountPoints2: {b5375676-c050-11e5-8275-d07e352270ad} - "E:\SETUP.EXE"
GroupPolicy: Restriction - Chrome <==== ATTENTION
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3711724810-2781737708-1749865010-1001 -> {A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} URL =
C:\windows\system32\ApnDatabase.xml
C:\ProgramData\DP45977C.lfl
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5375676-c050-11e5-8275-d07e352270ad} => key removed successfully
HKLM\Software\Classes\CLSID\{b5375676-c050-11e5-8275-d07e352270ad} => key not found.
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key removed successfully
HKLM\Software\Classes\CLSID\{A0C491AD-D9FB-42B2-A65D-A9E664E3BD09} => key not found.
C:\windows\system32\ApnDatabase.xml => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
=========== EmptyTemp: ==========
BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7529789 B
Java, Flash, Steam htmlcache => 540 B
Windows/system/drivers => 69277789 B
Edge => 0 B
Chrome => 17643853 B
Firefox => 217072956 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1265898 B
systemprofile32 => 1006953 B
LocalService => 7936 B
NetworkService => 0 B
Terouš123 => 38159217 B
RecycleBin => 21542658 B
EmptyTemp: => 368.2 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 19:15:05 ====
Re: pomalý notebook
Napsal: 17 srp 2017 18:47
Smazáno. Nastala nějaká změna?
Re: pomalý notebook
Napsal: 17 srp 2017 18:54
ne, vše strašně dlouho trvá než se načte. To je prostě o nervy 
Re: pomalý notebook
Napsal: 17 srp 2017 20:02
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Re: pomalý notebook
Napsal: 18 srp 2017 15:18
Malwarebytes
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 18.08.17
Čas skenování: 16:05
Logovací soubor: já.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.160
Aktualizovat verzi balíku komponent: 1.0.2612
Licence: Zkušební
-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: TEROUS\Terou\u00c5\u00a1123
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 326131
Zjištěné hrozby: 3
Hrozby umístěné do karantény: 3
Uplynulý čas: 7 min, 15 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}, V karanténě, [627], [243431],1.0.2612
Hodnota v registru: 2
PUP.Optional.DeskCut, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|DESKCUTV2@GMAIL.COM, V karanténě, [11140], [237725],1.0.2612
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}|URL, V karanténě, [627], [243431],1.0.2612
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 18.08.17
Čas skenování: 16:05
Logovací soubor: já.txt
Správce: Ano
-Informace o softwaru-
Verze: 3.1.2.1733
Verze komponentů: 1.0.160
Aktualizovat verzi balíku komponent: 1.0.2612
Licence: Zkušební
-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: TEROUS\Terou\u00c5\u00a1123
-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 326131
Zjištěné hrozby: 3
Hrozby umístěné do karantény: 3
Uplynulý čas: 7 min, 15 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Povoleno
Potenciálně nežádoucí modifikace: Povoleno
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 1
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}, V karanténě, [627], [243431],1.0.2612
Hodnota v registru: 2
PUP.Optional.DeskCut, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|DESKCUTV2@GMAIL.COM, V karanténě, [11140], [237725],1.0.2612
PUP.Optional.Spigot, HKU\S-1-5-21-3711724810-2781737708-1749865010-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{1A1EA4EB-46C6-4261-B471-C9C2E1FE7464}|URL, V karanténě, [627], [243431],1.0.2612
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: pomalý notebook
Napsal: 18 srp 2017 16:56
Všechny nálezy MBAM smažte.
Re: pomalý notebook
Napsal: 18 srp 2017 17:18
Smazáno
Re: pomalý notebook
Napsal: 18 srp 2017 18:06
Změnilo se něco nyní?
Re: pomalý notebook
Napsal: 18 srp 2017 18:08
Je to rychlejší a už se neseká. Je ještě nějaká rada nebo pomoc jak to více zrychlit.