VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o preventivní kontrolu

https://forum.viry.cz:443/viewtopic.php?t=155402

Stránka 1 z 1

Prosím o preventivní kontrolu

Napsal: 06 led 2019 13:00
od curt-xx
Dobrý den,

prosím o preventivní kontrolu.

Předem moc děkuji

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pája at 2019-01-06 12:42:25
Microsoft Windows 8.1
System drive C: has 705 GB (77%) free of 911 GB
Total RAM: 7128 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:42:30, on 6. 1. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Garmin\Express\express.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files\Lenovo\iMController\AutoUpdate.exe
C:\Program Files\trend micro\Pája.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 11984 bytes

======Listing Processes======






wininit.exe
winlogon.exe


C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
atieclxx
C:\windows\system32\svchost.exe -k NetworkService

C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\System32\lpksetup.exe -v
taskhostex.exe
"C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe" /LOGON
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {D541F6F1-CCCA-413C-9102-10DFED1943A6}
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\windows\system32\CxAudMsg64.exe
C:\windows\system32\DbxSvc.exe
C:\windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Lenovo\iMController\SystemAgentService.exe"
dashost.exe {ddd2cb0e-0b59-4fc0-b446ca39dcc0c198}
C:\Windows\System32\LenovoWiFiHotspotSvr.exe
"C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe"
"C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe"
"C:\Program Files\CyberLink\Shared files\RichVideo64.exe"
C:\windows\SysWOW64\SAsrv.exe
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe /Embedding
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-68c14d24-e9af-47fa-b074-452c6ae78e97 -SystemEventPortName:HostProcess-8daee4c1-5df2-4791-8580-a3f3693a269d -IoCancelEventPortName:HostProcess-d1500b67-3215-4c82-94e1-86eb73bc4a84 -NonStateChangingEventPortName:HostProcess-899984d1-6a02-4ebe-9e03-43fdb496d95f -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:53b50480-78af-438a-9760-dcaa04c23cb3 -DeviceGroupId:WudfDefaultDevicePool
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files\CONEXANT\ForteConfig\fmapp.exe"
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Windows\RTFTrack.exe"
"C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe"
"C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe"
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe"
AvastUI.exe /nogui
"C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE"
"C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe" -quickstart
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:crashpad-handler --no-upload-gzip --no-rate-limit --capture-python --no-identify-client-via-url --database=C:\Users\Pája\AppData\Local\Dropbox\Crashpad --metrics-dir=0 --url=https://d.dropbox.com/report_crashpad_minidump --https-pin=0x23,0xf2,0xed,0xff,0x3e,0xde,0x90,0x25,0x9a,0x9e,0x30,0xf4,0xa,0xf8,0xf9,0x12,0xa5,0xe5,0xb3,0x69,0x4e,0x69,0x38,0x44,0x3,0x41,0xf6,0x6,0xe,0x1,0x4f,0xfa --https-pin=0xaf,0xf9,0x88,0x90,0x6d,0xde,0x12,0x95,0x5d,0x9b,0xeb,0xbf,0x92,0x8f,0xdc,0xc3,0x1c,0xce,0x32,0x8d,0x5b,0x93,0x84,0xf2,0x1c,0x89,0x41,0xca,0x26,0xe2,0x3,0x91 --https-pin=0x5a,0x88,0x96,0x47,0x22,0xe,0x54,0xd6,0xbd,0x8a,0x16,0x81,0x72,0x24,0x52,0xb,0xb5,0xc7,0x8e,0x58,0x98,0x4b,0xd5,0x70,0x50,0x63,0x88,0xb9,0xde,0xf,0x7,0x5f --https-pin=0xfe,0xa2,0xb7,0xd6,0x45,0xfb,0xa7,0x3d,0x75,0x3c,0x1e,0xc9,0xa7,0x87,0xc,0x40,0xe1,0xf7,0xb0,0xc5,0x61,0xe9,0x27,0xb9,0x85,0xbf,0x71,0x18,0x66,0xe3,0x6f,0x22 --https-pin=0x76,0xee,0x85,0x90,0x37,0x4c,0x71,0x54,0x37,0xbb,0xca,0x6b,0xba,0x60,0x28,0xea,0xdd,0xe2,0xdc,0x6d,0xbb,0xb8,0xc3,0xf6,0x10,0xe8,0x51,0xf1,0x1d,0x1a,0xb7,0xf5 --https-pin=0x6d,0xbf,0xae,0x0,0xd3,0x7b,0x9c,0xd7,0x3f,0x8f,0xb4,0x7d,0xe6,0x59,0x17,0xaf,0x0,0xe0,0xdd,0xdf,0x42,0xdb,0xce,0xac,0x20,0xc1,0x7c,0x2,0x75,0xee,0x20,0x95 --https-pin=0x1e,0xa3,0xc5,0xe4,0x3e,0xd6,0x6c,0x2d,0xa2,0x98,0x3a,0x42,0xa4,0xa7,0x9b,0x1e,0x90,0x67,0x86,0xce,0x9f,0x1b,0x58,0x62,0x14,0x19,0xa0,0x4,0x63,0xa8,0x7d,0x38 --https-pin=0x87,0xaf,0x34,0xd6,0x6f,0xb3,0xf2,0xfd,0xf3,0x6e,0x9,0x11,0x1e,0x9a,0xba,0x2f,0x6f,0x44,0xb2,0x7,0xf3,0x86,0x3f,0x3d,0xb,0x54,0xb2,0x50,0x23,0x90,0x9a,0xa5 --https-pin=0xbc,0xfb,0x44,0xaa,0xb9,0xad,0x2,0x10,0x15,0x70,0x6b,0x41,0x21,0xea,0x76,0x1c,0x81,0xc9,0xe8,0x89,0x67,0x59,0xf,0x6f,0x94,0xae,0x74,0x4d,0xc8,0x8b,0x78,0xfb --https-pin=0xab,0x98,0x49,0x52,0x76,0xad,0xf1,0xec,0xaf,0xf2,0x8f,0x35,0xc5,0x30,0x48,0x78,0x1e,0x5c,0x17,0x18,0xda,0xb9,0xc8,0xe6,0x7a,0x50,0x4f,0x4f,0x6a,0x51,0x32,0x8f --https-pin=0x49,0x5,0x46,0x66,0x23,0xab,0x41,0x78,0xbe,0x92,0xac,0x5c,0xbd,0x65,0x84,0xf7,0xa1,0xe1,0x7f,0x27,0x65,0x2d,0x5a,0x85,0xaf,0x89,0x50,0x4e,0xa2,0x39,0xaa,0xaa --https-pin=0x56,0x32,0xd9,0x7b,0xfa,0x77,0x5b,0xf3,0xc9,0x9d,0xde,0xa5,0x2f,0xc2,0x55,0x34,0x10,0x86,0x40,0x16,0x72,0x9c,0x52,0xdd,0x65,0x24,0xc8,0xa9,0xc3,0xb4,0x48,0x9f --https-pin=0x2a,0x8f,0x2d,0x8a,0xf0,0xeb,0x12,0x38,0x98,0xf7,0x4c,0x86,0x6a,0xc3,0xfa,0x66,0x90,0x54,0xe2,0x3c,0x17,0xbc,0x7a,0x95,0xbd,0x2,0x34,0x19,0x2d,0xc6,0x35,0xd0 --https-pin=0x32,0xb6,0x4b,0x66,0x72,0x7a,0x20,0x63,0xe4,0x6,0x6f,0x3b,0x95,0x8c,0xb0,0xaa,0xee,0x57,0x6a,0x5e,0xce,0xfd,0x95,0x33,0x99,0xbb,0x88,0x74,0x73,0x1d,0x95,0x87 --https-pin=0xf5,0x3c,0x22,0x5,0x98,0x17,0xdd,0x96,0xf4,0x0,0x65,0x16,0x39,0xd2,0xf8,0x57,0xe2,0x10,0x70,0xa5,0x9a,0xbe,0xd9,0x7,0x94,0x0,0xd9,0xf6,0x95,0x50,0x69,0x0 --https-pin=0x67,0xdc,0x4f,0x32,0xfa,0x10,0xe7,0xd0,0x1a,0x79,0xa0,0x73,0xaa,0xc,0x9e,0x2,0x12,0xec,0x2f,0xfc,0x3d,0x77,0x9e,0xa,0xa7,0xf9,0xc0,0xf0,0xe1,0xc2,0xc8,0x93 --https-pin=0x19,0x6,0xc6,0x12,0x4d,0xbb,0x43,0x85,0x78,0xd0,0xe,0x6,0x6d,0x50,0x54,0xc6,0xc3,0x7f,0xf,0xa6,0x2,0x8c,0x5,0x54,0x5e,0x9,0x94,0xed,0xda,0xec,0x86,0x29 --https-pin=0x1d,0x75,0xd0,0x83,0x1b,0x9e,0x8,0x85,0x39,0x4d,0x32,0xc7,0xa1,0xbf,0xdb,0x3d,0xbc,0x1c,0x28,0xe2,0xb0,0xe8,0x39,0x1f,0xb1,0x35,0x98,0x1d,0xbc,0x5b,0xa9,0x36 --annotation=host_int_account1_boot=5711117040 --annotation=machine_id=5927a2f4-98df-4b92-b7da-541dd2387344 --annotation=platform=win --annotation=platform_version=8.1 --initial-client-data=0x120,0x124,0x128,0x11c,0x12c,0x6d0cdda4,0x6d0cddb4,0x6d0cddc4
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -session-token:d8edef98-818c-4e50-bbf6-c87a99ab7511 -target-handle:336 -target-shutdown-event:300 -target-restart-event:284 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:3.5.4 -method:collectupload -handler-pipe:\\.\pipe\crashpad_4660_WQLWBTCJHQCFDIHF
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe" Restart Start EEU 52 -1
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor

CefSharp.BrowserSubprocess.exe --type=gpu-process --no-sandbox --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=7,10,18,19,20,23,26,41,74 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x9851 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.302.1601.1001 --gpu-driver-date=4-18-2014 --gpu-secondary-vendor-ids=0x1002 --gpu-secondary-device-ids=0x666f --lang=en-US --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --service-request-channel-token=CF3B3F65A810909D8CD9B153392516AE --mojo-platform-channel-handle=3676 /prefetch:2
"C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe" /showasync
"C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe" --type=renderer --enable-threaded-compositing --no-sandbox --disable-databases --lang=cs --dropbox-schemes=dbx-local --dropbox-cors --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --disable-gpu-compositing --channel="4660.0.1872910683\904708322" /prefetch:673131151

C:\windows\system32\wbem\unsecapp.exe -Embedding
adb fork-server server
"C:\windows\system32\SearchFilterHost.exe" 0 568 572 580 65536 576
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Lenovo\iMController\AutoUpdate.exe"
wmiadap.exe /F /T /R
C:\windows\servicing\TrustedInstaller.exe
C:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe -Embedding
"C:\Users\Pája\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-03-14 229040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2018-05-15 2353944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2018-05-15 1744672]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ForteConfig"=C:\Program Files\Conexant\ForteConfig\fmapp.exe [2010-10-26 49056]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2012-06-13 1647616]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2013-09-05 907480]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-12 2891592]
"RtsFT"=C:\windows\RTFTrack.exe [2014-01-21 6340312]
"PhoneCompanion"=C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [2014-11-28 836592]
"Energy Manager"=C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [2014-11-28 16094704]
"Lenovo Utility"=C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [2014-11-28 10842096]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-06 261512]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2014-12-23 833240]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-28 49799184]
"GarminExpress"=C:\Program Files (x86)\Garmin\Express\express.exe [2018-11-28 30872640]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-28 19554936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #3"=C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [2018-12-20 8992976]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2014-04-19 766688]
"UpdateP2GShortCut"=C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2011-12-07 214312]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2018-12-13 4049216]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-06 261512]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2014-02-26 134784]

C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 1.1.0.lnk - C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2019-01-06 12:42:25 ----D---- C:\rsit
2019-01-06 12:42:25 ----D---- C:\Program Files\trend micro
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswbuniv.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswblog.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswbidsh.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswbidsdriver.sys
2019-01-06 12:34:08 ----A---- C:\windows\system32\drivers\aswArDisk.sys
2019-01-06 12:33:53 ----A---- C:\windows\system32\aswBoot.exe
2019-01-05 22:25:21 ----D---- C:\Program Files\CCleaner
2018-12-24 15:46:52 ----A---- C:\windows\system32\drivers\staport.sys
2018-12-22 10:30:24 ----A---- C:\windows\SYSWOW64\jscript.dll
2018-12-22 10:30:24 ----A---- C:\windows\system32\jscript.dll
2018-12-16 21:28:36 ----A---- C:\windows\system32\mshtml.dll
2018-12-16 21:28:34 ----A---- C:\windows\SYSWOW64\mshtml.dll
2018-12-16 21:28:32 ----A---- C:\windows\system32\wmp.dll
2018-12-16 21:28:31 ----A---- C:\windows\SYSWOW64\wmp.dll
2018-12-16 21:28:29 ----A---- C:\windows\system32\ieframe.dll
2018-12-16 21:28:28 ----A---- C:\windows\SYSWOW64\ieframe.dll
2018-12-16 21:28:27 ----A---- C:\windows\system32\jscript9.dll
2018-12-16 21:28:26 ----A---- C:\windows\system32\win32k.sys
2018-12-16 21:28:25 ----A---- C:\windows\SYSWOW64\msxml6.dll
2018-12-16 21:28:25 ----A---- C:\windows\system32\msxml6.dll
2018-12-16 21:28:25 ----A---- C:\windows\system32\msxml3.dll
2018-12-16 21:28:24 ----A---- C:\windows\SYSWOW64\Windows.Globalization.dll
2018-12-16 21:28:24 ----A---- C:\windows\SYSWOW64\msxml3.dll
2018-12-16 21:28:24 ----A---- C:\windows\system32\Windows.Globalization.dll
2018-12-16 21:28:24 ----A---- C:\windows\system32\rpcrt4.dll
2018-12-16 21:28:24 ----A---- C:\windows\system32\GdiPlus.dll
2018-12-16 21:28:22 ----A---- C:\windows\SYSWOW64\vbscript.dll
2018-12-16 21:28:22 ----A---- C:\windows\SYSWOW64\rpcrt4.dll
2018-12-16 21:28:22 ----A---- C:\windows\SYSWOW64\GdiPlus.dll
2018-12-16 21:28:22 ----A---- C:\windows\system32\vbscript.dll
2018-12-16 21:28:22 ----A---- C:\windows\system32\ntoskrnl.exe
2018-12-16 21:28:21 ----A---- C:\windows\system32\gdi32.dll
2018-12-16 21:28:17 ----A---- C:\windows\system32\drivers\tm.sys
2018-12-16 21:28:07 ----A---- C:\windows\system32\t2embed.dll
2018-12-16 21:28:05 ----A---- C:\windows\SYSWOW64\t2embed.dll
2018-12-16 21:28:04 ----A---- C:\windows\system32\drivers\msrpc.sys
2018-12-16 21:28:02 ----A---- C:\windows\SYSWOW64\gdi32.dll
2018-12-16 21:27:51 ----A---- C:\windows\SYSWOW64\jscript9.dll
2018-12-16 21:27:48 ----A---- C:\windows\system32\wininet.dll
2018-12-16 21:27:46 ----A---- C:\windows\system32\urlmon.dll
2018-12-16 21:27:45 ----A---- C:\windows\system32\inetcomm.dll
2018-12-16 21:27:44 ----A---- C:\windows\SYSWOW64\wininet.dll
2018-12-16 21:27:43 ----A---- C:\windows\system32\msfeeds.dll
2018-12-16 21:27:42 ----A---- C:\windows\SYSWOW64\inetcomm.dll
2018-12-16 21:27:41 ----A---- C:\windows\SYSWOW64\urlmon.dll
2018-12-16 21:27:40 ----A---- C:\windows\system32\ieapfltr.dll
2018-12-16 21:27:39 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2018-12-16 21:27:38 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2018-12-16 21:27:37 ----A---- C:\windows\SYSWOW64\GlobCollationHost.dll
2018-12-16 21:27:37 ----A---- C:\windows\system32\GlobCollationHost.dll
2018-12-13 06:12:48 ----A---- C:\windows\system32\drivers\dbx-stable.sys
2018-12-13 06:12:48 ----A---- C:\windows\system32\drivers\dbx-dev.sys
2018-12-13 06:12:48 ----A---- C:\windows\system32\drivers\dbx-canary.sys
2018-12-13 06:12:48 ----A---- C:\windows\system32\DbxSvc.exe

======List of files/folders modified in the last 1 month======

2019-01-06 12:42:25 ----RD---- C:\Program Files
2019-01-06 12:42:13 ----D---- C:\windows\Temp
2019-01-06 12:42:13 ----D---- C:\windows\Prefetch
2019-01-06 12:39:54 ----D---- C:\windows\system32\config
2019-01-06 12:39:09 ----D---- C:\windows\SoftwareDistribution
2019-01-06 12:39:09 ----AD---- C:\Windows
2019-01-06 12:37:12 ----D---- C:\windows\WinSxS
2019-01-06 12:37:11 ----RD---- C:\Program Files (x86)
2019-01-06 12:37:11 ----D---- C:\windows\system32\drivers
2019-01-06 12:37:11 ----D---- C:\Program Files (x86)\Google
2019-01-06 12:37:10 ----D---- C:\ProgramData\Norton
2019-01-06 12:37:05 ----SHD---- C:\System Volume Information
2019-01-06 12:35:43 ----D---- C:\windows\system32\catroot
2019-01-06 12:35:14 ----D---- C:\windows\system32\Tasks
2019-01-06 12:33:53 ----RAD---- C:\windows\System32
2019-01-06 12:33:46 ----D---- C:\ProgramData\AVAST Software
2019-01-06 12:29:04 ----D---- C:\windows\Inf
2019-01-06 12:28:35 ----D---- C:\windows\AppReadiness
2019-01-06 12:26:07 ----A---- C:\windows\system32\PerfStringBackup.INI
2019-01-06 12:25:06 ----SHD---- C:\windows\Installer
2019-01-06 12:25:04 ----D---- C:\Program Files (x86)\McAfee Safe Connect
2019-01-06 12:24:29 ----D---- C:\windows\system32\sru
2019-01-05 23:09:25 ----HD---- C:\ProgramData
2019-01-05 22:55:26 ----HD---- C:\windows\ELAMBKUP
2019-01-05 22:55:26 ----D---- C:\Program Files\Common Files
2019-01-05 22:28:20 ----D---- C:\windows\Panther
2019-01-05 22:28:18 ----D---- C:\windows\Logs
2019-01-05 22:28:18 ----D---- C:\windows\debug
2019-01-05 22:28:17 ----D---- C:\windows\Minidump
2019-01-04 14:43:04 ----D---- C:\windows\CbsTemp
2019-01-04 14:42:04 ----D---- C:\windows\SysWOW64
2019-01-04 14:41:17 ----D---- C:\windows\Microsoft.NET
2019-01-04 14:22:01 ----D---- C:\ProgramData\LU
2018-12-22 11:26:45 ----D---- C:\windows\rescache
2018-12-22 10:24:28 ----D---- C:\windows\system32\MRT
2018-12-22 10:17:49 ----AC---- C:\windows\system32\MRT.exe
2018-12-19 12:48:15 ----D---- C:\windows\system32\DriverStore
2018-12-19 12:43:28 ----D---- C:\windows\SYSWOW64\en-US
2018-12-19 12:43:28 ----D---- C:\windows\SYSWOW64\cs-CZ
2018-12-19 12:43:27 ----D---- C:\windows\system32\en-US
2018-12-19 12:43:27 ----D---- C:\windows\system32\cs-CZ
2018-12-17 15:32:20 ----RSD---- C:\windows\assembly
2018-12-17 15:31:33 ----D---- C:\ProgramData\Microsoft Help
2018-12-17 15:29:07 ----A---- C:\windows\win.ini
2018-12-17 15:27:43 ----D---- C:\windows\system32\catroot2
2018-12-16 20:38:08 ----D---- C:\Program Files (x86)\Dropbox
2018-12-10 23:04:09 ----N---- C:\windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\windows\System32\drivers\amd_sata.sys [2014-03-21 81608]
R0 amd_xata;amd_xata; C:\windows\System32\drivers\amd_xata.sys [2014-03-21 23752]
R0 amdkmpfd;@oem1.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\windows\System32\drivers\amdkmpfd.sys [2013-12-12 36608]
R0 amdpsp;@oem62.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\windows\system32\DRIVERS\amdpsp.sys [2017-06-12 243048]
R0 aswArDisk;aswArDisk; C:\windows\system32\drivers\aswArDisk.sys [2019-01-06 37304]
R0 aswbidsh;aswbidsh; C:\windows\system32\drivers\aswbidsh.sys [2019-01-06 196264]
R0 aswblog;aswblog; C:\windows\system32\drivers\aswblog.sys [2019-01-06 320888]
R0 aswbuniv;aswbuniv; C:\windows\system32\drivers\aswbuniv.sys [2019-01-06 58160]
R0 aswRvrt;aswRvrt; C:\windows\system32\drivers\aswRvrt.sys [2019-01-06 88144]
R0 aswVmm;aswVmm; C:\windows\system32\drivers\aswVmm.sys [2019-01-06 380144]
R0 BTATH_BUS;@oem10.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\windows\System32\drivers\btath_bus.sys [2014-02-26 35016]
R1 aswArPot;aswArPot; C:\windows\system32\drivers\aswArPot.sys [2019-01-06 203488]
R1 aswbidsdriver;aswbidsdriver; C:\windows\system32\drivers\aswbidsdriver.sys [2019-01-06 220688]
R1 aswHdsKe;aswHdsKe; C:\windows\system32\drivers\aswHdsKe.sys [2019-01-06 239808]
R1 aswKbd;aswKbd; C:\windows\system32\drivers\aswKbd.sys [2019-01-06 42488]
R1 aswRdr;aswRdr; C:\windows\system32\drivers\aswRdr2.sys [2019-01-06 111992]
R1 aswSnx;aswSnx; C:\windows\system32\drivers\aswSnx.sys [2019-01-06 1034056]
R1 aswSP;aswSP; C:\windows\system32\drivers\aswSP.sys [2019-01-06 474648]
R2 APXACC;@oem6.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\windows\system32\DRIVERS\appexDrv.sys [2013-11-01 224992]
R2 aswMonFlt;aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [2019-01-06 166472]
R2 aswStm;aswStm; C:\windows\system32\drivers\aswStm.sys [2019-01-06 218056]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2009-08-14 11576]
R3 ACPIVPC;@oem36.inf,%ACPIVPC.SvcDesc%;Lenovo Virtual Power Controller Driver; C:\windows\System32\drivers\AcpiVpc.sys [2014-11-28 35576]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2014-04-19 13269504]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2014-04-19 625152]
R3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys [2014-02-26 89800]
R3 athr;@oem14.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athwbx.sys [2014-03-07 3892224]
R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdWB6.sys [2014-03-12 222720]
R3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys [2014-02-26 355528]
R3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\windows\system32\drivers\btath_avdt.sys [2014-02-26 118984]
R3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\windows\System32\drivers\btath_hcrp.sys [2014-02-26 179432]
R3 BTATH_LWFLT;@oem17.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys [2014-02-26 77464]
R3 BTATH_RCP;@oem19.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\windows\System32\drivers\btath_rcp.sys [2014-02-26 137928]
R3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys [2014-02-26 598216]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\windows\System32\drivers\bthpan.sys [2017-07-06 119296]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
R3 CnxtHdAudService;@oem8.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Conexant UAA Function Driver for High Definition Audio Service; C:\windows\system32\drivers\CHDRT64.sys [2014-01-28 1474240]
R3 ETD;@oem9.inf,%PS2DeviceDesc%;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2014-02-11 377608]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
R3 RTL8168;@oem7.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\windows\system32\DRIVERS\Rt630x64.sys [2013-12-18 839896]
R3 rtsuvc;@oem25.inf,%rtsuvc.DeviceDesc%;Lenovo EasyCamera; C:\windows\system32\DRIVERS\rtsuvc.sys [2014-01-21 9105624]
S1 deikbbou;deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys []
S3 aftap0901;@oem44.inf,%DeviceDescription%;AnchorFree TAP-Windows Adapter V9; C:\windows\system32\DRIVERS\aftap0901.sys [2018-03-06 48624]
S3 amdkmcsp;@oem62.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\windows\system32\DRIVERS\amdkmcsp.sys [2017-06-12 101232]
S3 aswHwid;aswHwid; C:\windows\system32\drivers\aswHwid.sys [2019-01-06 46584]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\windows\System32\Drivers\BTHport.sys [2015-05-11 1201664]
S3 dbx;dbx; C:\windows\system32\DRIVERS\dbx.sys []
S3 dg_ssudbus;@oem5.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 e1iexpress;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\windows\system32\DRIVERS\e1i63x64.sys [2013-06-18 460288]
S3 grmnusb;grmnusb; C:\windows\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 ldiagio_uefi;ldiagio; \??\C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [2015-12-22 25248]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS []
S3 NETwNe64;@netwew02.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit; C:\windows\system32\DRIVERS\NETwew02.sys [2013-06-18 4649440]
S3 RSUSBVSTOR;@oem16.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUVStor.sys [2014-02-27 331992]
S3 ssudmdm;@oem63.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;USB Scanner Driver; C:\windows\System32\drivers\usbscan.sys [2014-10-29 44544]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-08-13 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2014-04-19 239616]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-04-19 344064]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2014-02-26 319104]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-01-06 357816]
R2 CxAudMsg;@C:\windows\system32\CxAudMsg64.exe,-100; C:\windows\system32\CxAudMsg64.exe [2013-07-25 206552]
R2 DbxSvc;DbxSvc; C:\windows\system32\DbxSvc.exe [2018-12-13 51024]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\windows\System32\svchost.exe [2014-10-29 38792]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-10-09 99632]
R2 Lenovo System Agent Service;Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [2014-05-22 584960]
R2 LenovoWiFiHotspotSvr;Lenovo WiFiHotspot Service; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [2014-11-28 198192]
R2 LUService;LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [2014-02-18 38896]
R2 PhoneCompanionPusher;Lenovo PhoneCompanionPusher Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [2014-11-28 288240]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2012-04-25 390632]
R2 SAService;Conexant SmartAudio service; C:\windows\system32\SAsrv.exe []
R2 VeriFaceSrv;VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [2014-11-28 67856]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-01-06 7834368]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 107848]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\windows\System32\svchost.exe [2014-10-29 38792]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02 143144]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21 107848]
S3 Lenovo EasyPlus Hotspot;Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [2014-06-03 533760]
S3 LSC.Services.SystemService;Lenovo Solution Center System Service; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [2016-08-24 273232]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-12 160960]
S3 PhoneCompanionVap;Lenovo PhoneCompanionVap Service; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [2014-11-28 308720]

-----------------EOF-----------------

Re: Prosím o preventivní kontrolu

Napsal: 06 led 2019 13:01
od curt-xx
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
Ran by Pája (administrator) on LENOVIK (06-01-2019 12:43:49)
Running from C:\Users\Pája\Desktop
Loaded Profiles: Pája (Available Profiles: Pája)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Pokki) C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
() C:\Users\Pája\Desktop\RSITx64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2014-02-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-28] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4049216 2018-12-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\RunOnce: [Application Restart #3] => C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\MountPoints2: {862d4998-d387-11e4-8264-acb57daeec0e} - "F:\LaunchU3.exe" -a
HKLM\...\Drivers32-x32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2014-10-29] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2014-10-29] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-11-28] ()
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 1.1.0.lnk [2015-03-22]
ShortcutTarget: OpenOffice.org 1.1.0.lnk -> C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{919F770A-BB88-4F92-BBD3-908315F5233B}: [DhcpNameServer] 150.209.1.3
Tcpip\..\Interfaces\{EC69B7E1-3AC6-4622-9CDB-5AFB221405D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> DefaultScope {A7367628-0795-4135-885F-D89E7826F88E} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> {A7367628-0795-4135-885F-D89E7826F88E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-03-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"

CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default [2019-01-06]
CHR Extension: (Slides) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (Google Search) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2018-09-23]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-31]
CHR Extension: (Sheets) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-29]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-06-14]
CHR Extension: (Skype) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-20]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2017-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-01]
CHR Extension: (Gmail) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKU\S-1-5-21-2296160937-1354267295-71492202-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2018-12-13] (Dropbox, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-28] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-11-28] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
S3 amdkmcsp; C:\windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-06] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [166472 2019-01-06] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [25248 2015-12-22] (Lenovo Group Limited (R))
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-06 12:43 - 2019-01-06 12:44 - 000022912 _____ C:\Users\Pája\Desktop\FRST.txt
2019-01-06 12:43 - 2019-01-06 12:43 - 000000000 ____D C:\FRST
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\rsit
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-01-06 12:34 - 2019-01-06 12:33 - 000037304 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000320888 _____ (AVAST Software) C:\windows\system32\Drivers\aswblog.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000220688 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000196264 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000058160 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-01-06 12:33 - 2019-01-06 12:33 - 000361352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 002426368 _____ (Farbar) C:\Users\Pája\Desktop\FRST64.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ C:\Users\Pája\Desktop\RSITx64.exe
2019-01-05 22:25 - 2019-01-05 22:25 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2019-01-05 22:25 - 2019-01-05 22:25 - 000002804 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-01-05 22:25 - 2019-01-05 22:25 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\Program Files\CCleaner
2019-01-04 21:40 - 2019-01-05 22:55 - 000000000 ____D C:\windows\System32\Tasks\Remediation
2018-12-24 15:46 - 2018-12-24 15:46 - 000052328 _____ () C:\windows\system32\Drivers\staport.sys
2018-12-24 15:43 - 2018-12-24 15:43 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-12-23 09:51 - 2018-12-23 09:55 - 000000000 ____D C:\Users\Pája\Desktop\Kosátko
2018-12-23 09:32 - 2018-12-23 09:34 - 000000000 ____D C:\Users\Pája\Desktop\flash 201812
2018-12-22 10:30 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-12-22 10:30 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-12-17 14:58 - 2018-12-17 22:04 - 001649061 _____ C:\Users\Pája\Downloads\Kosík_3.xlsx
2018-12-17 14:58 - 2018-12-17 14:58 - 000000165 ____H C:\Users\Pája\Downloads\~$Kosík_3.xlsx
2018-12-16 21:28 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-12-16 21:28 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2018-12-16 21:28 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2018-12-16 21:28 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-12-16 21:28 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-12-16 21:28 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-12-16 21:28 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-12-16 21:28 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-12-16 21:28 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-12-16 21:28 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-12-16 21:28 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-12-16 21:28 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-12-16 21:28 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2018-12-16 21:28 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-12-16 21:28 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-12-16 21:28 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-12-16 21:28 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-12-16 21:28 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-12-16 21:28 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-12-16 21:28 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-12-16 21:28 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-12-16 21:28 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-12-16 21:28 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-12-16 21:28 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\SysWOW64\locale.nls
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\system32\locale.nls
2018-12-16 21:27 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-12-16 21:27 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-12-16 21:27 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-12-16 21:27 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2018-12-16 21:27 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2018-12-16 20:37 - 2018-12-16 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-13 06:12 - 2018-12-13 06:12 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys
2018-12-08 12:52 - 2018-12-08 12:52 - 000101957 _____ C:\Users\Pája\Downloads\particka.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-06 12:43 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\SweetLabs App Platform
2019-01-06 12:42 - 2015-03-05 07:59 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2296160937-1354267295-71492202-1002
2019-01-06 12:39 - 2017-01-22 15:37 - 000050176 ___SH C:\Users\Pája\Desktop\Thumbs.db
2019-01-06 12:39 - 2016-10-02 16:08 - 000000000 ___RD C:\Users\Pája\Dropbox
2019-01-06 12:37 - 2016-10-02 16:04 - 000000916 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files\Google
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-06 12:37 - 2015-03-29 20:51 - 000000000 ____D C:\ProgramData\Norton
2019-01-06 12:37 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-01-06 12:36 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2019-01-06 12:35 - 2018-06-06 08:08 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-01-06 12:35 - 2014-11-28 05:25 - 000004608 _____ C:\windows\system32\VfService.trf
2019-01-06 12:33 - 2018-10-23 17:50 - 000042488 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000474648 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000380144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000239808 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000218056 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000203488 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000166472 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000111992 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000088144 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000046584 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2019-01-06 12:33 - 2018-06-06 08:03 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-06 12:32 - 2018-06-06 08:07 - 001034056 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-01-06 12:29 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2019-01-06 12:28 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\Packages
2019-01-06 12:28 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2019-01-06 12:26 - 2014-11-28 05:23 - 000734494 _____ C:\windows\system32\perfh005.dat
2019-01-06 12:26 - 2014-11-28 05:23 - 000148824 _____ C:\windows\system32\perfc005.dat
2019-01-06 12:26 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2019-01-06 12:25 - 2018-10-23 18:00 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2019-01-06 12:25 - 2015-03-05 07:57 - 000003918 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A4127C0C-E430-420C-98E4-4677B5D74F72}
2019-01-05 23:09 - 2016-02-21 19:23 - 000000000 ____D C:\Users\Pája\AppData\Local\Google
2019-01-05 22:55 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2019-01-05 22:55 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2019-01-05 22:34 - 2018-06-06 08:13 - 000000000 ____D C:\Users\Pája\AppData\Local\AVAST Software
2019-01-05 22:28 - 2015-09-11 00:04 - 000000000 ____D C:\windows\Minidump
2019-01-05 22:28 - 2015-03-27 21:02 - 000000000 ____D C:\Users\Pája\AppData\Local\CrashDumps
2019-01-05 22:28 - 2014-04-03 20:15 - 000000000 ____D C:\windows\Panther
2019-01-05 22:26 - 2015-03-29 21:39 - 000528896 ___SH C:\Users\Pája\Downloads\Thumbs.db
2019-01-04 22:49 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája
2019-01-04 22:16 - 2016-10-02 16:04 - 000000920 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-04 14:43 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2019-01-04 14:22 - 2014-11-28 05:39 - 000000000 ____D C:\ProgramData\LU
2019-01-04 14:21 - 2015-06-28 11:25 - 000001279 _____ C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2019-01-04 14:20 - 2016-02-21 19:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-24 15:46 - 2018-06-06 08:11 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-12-22 11:26 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2018-12-22 10:24 - 2015-03-11 23:32 - 000000000 ____D C:\windows\system32\MRT
2018-12-22 10:17 - 2015-03-11 23:32 - 137260640 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-12-22 10:08 - 2015-12-06 23:37 - 000002444 _____ C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2018-12-22 10:06 - 2016-02-21 19:23 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-22 10:06 - 2016-02-21 19:23 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-22 10:06 - 2015-12-13 23:17 - 000003296 _____ C:\windows\System32\Tasks\SweetLabs App Platform
2018-12-19 12:47 - 2013-08-22 15:44 - 000501992 _____ C:\windows\system32\FNTCACHE.DAT
2018-12-17 15:32 - 2015-10-11 20:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-12-17 15:29 - 2013-08-22 14:25 - 000000188 _____ C:\windows\win.ini
2018-12-16 20:53 - 2016-02-21 19:24 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-16 20:53 - 2016-02-21 19:24 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-16 20:38 - 2016-10-02 16:04 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-10 23:04 - 2015-03-29 20:43 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-22 11:02 - 2015-03-22 11:02 - 000000091 _____ () C:\Users\Pája\AppData\Roaming\sversion.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-04 14:41

==================== End of FRST.txt ============================

Re: Prosím o preventivní kontrolu

Napsal: 06 led 2019 13:01
od curt-xx
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Pája (06-01-2019 12:45:23)
Running from C:\Users\Pája\Desktop
Windows 8.1 (Update) (X64) (2015-03-05 06:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2296160937-1354267295-71492202-500 - Administrator - Disabled)
Guest (S-1-5-21-2296160937-1354267295-71492202-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2296160937-1354267295-71492202-1004 - Limited - Enabled)
Pája (S-1-5-21-2296160937-1354267295-71492202-1002 - Administrator - Enabled) => C:\Users\Pája

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{665D4B18-EA91-BE16-3212-218C63F5DC4E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.8.0 - AppEx Networks)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.52 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Host App Service (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\SweetLabs_AP) (Version: 0.269.8.718 - Pokki) <==== ATTENTION
Image Studio Lite 5.2 (HKLM\...\Image Studio Lite_is1) (Version: 5.2.5 - LI-COR, Inc.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.36.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo Web Start (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1) (Version: 1.0.2.53457 - Pokki)
Mendeley Desktop 1.13.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.13.4 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{27710125-9C94-0EEE-7A40-39C60DFF7ECA}_is1) (Version: for Windows - )
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{C5EBDB82-27D7-857C-D956-2955F2F463D8}_is1) (Version: for Windows - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice.org 1.1.0 (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\OpenOffice.org 1.1.0) (Version: 1.1.0 - Sun Microsystems, Inc. for the OpenOffice.org-Community)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Start Menu (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\SweetLabs_Start_Menu) (Version: 0.269.8.718 - Pokki)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001C0A50-B78A-41EB-AAB6-90A2C42DC9E0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-23] (AVAST Software)
Task: {09F3A657-8465-4CCF-B84F-E0E24D6F566F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {0F7F2CCA-99AB-460F-94CB-661FE7970A80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {24C19A5F-DB50-4252-8BA4-38B58DFA098D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {2E7ED8E2-EAEC-4B9A-BB60-B6E0B9B2B986} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3191FC82-130C-4291-A8A6-7D1FC176827C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {3363AB4C-CCD0-47EB-9869-AFF314AAEBF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {65F9FFA1-B6B0-4996-8E1B-77A0E3394B83} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {6953C01F-8746-45BC-95B8-E719D3FD94F8} - System32\Tasks\SweetLabs App Platform => C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2018-12-20] (Pokki)
Task: {69B54E35-E81E-41CD-8749-1ECD91BACCDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {71DC6258-DE8F-4126-9DA7-2FAE7AA559A4} - System32\Tasks\{C44BFDFE-5BB3-4750-AD4D-76A99B22868E} => c:\program files (x86)\avast software\browser\application\avastbrowser.exe
Task: {762E607F-18EF-4716-90AD-3DEAF05AD2B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {76810D45-A05E-48FD-9989-EA1B59802BC1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {842DDCD8-67D5-4224-862F-B2D47550D5AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {842F41F0-CC4F-480C-8292-2ACC5A2CC013} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)
Task: {878EAE75-5104-4D74-9862-FB797EA8BB31} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {9DF04557-035A-4B46-8377-7E49DCAA0F88} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {A91B072E-3A28-4A98-B2F0-89CC6726A411} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {AFE0C5E0-33C9-46DA-A03C-4E97FF6749A5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-11-28] ()
Task: {B417B4A0-FC95-495C-BC30-8765672825D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {B5E5F1C5-9A31-4665-B14E-80DBE84D418A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {C4F1D9F4-F47D-4E67-BC51-E6DF188EF864} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {E40D9130-F145-4FFA-8B13-C99BF3E745B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {FACB164D-1347-45A0-A8D1-65407CDCF3E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {FDA7A9B1-F138-47DE-ABC1-4C2F03756CA2} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {FF359F9B-F57D-4A46-97E3-79B08B4BA48C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-02-20 08:01 - 2015-02-20 08:01 - 000022528 _____ () C:\windows\System32\us001lm.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-11-28 05:21 - 2012-04-25 03:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-02-26 07:14 - 2014-02-26 07:14 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 07:11 - 2014-02-26 07:11 - 000086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-11-28 04:46 - 2010-10-26 21:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-02-26 07:17 - 2014-02-26 07:17 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-03-26 21:50 - 2014-11-28 05:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-11-28 05:25 - 2014-11-28 05:25 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ () C:\Users\Pája\Desktop\RSITx64.exe
2017-04-18 04:45 - 2017-04-18 04:45 - 001227264 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 067109376 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2003-10-06 01:10 - 2003-10-06 01:10 - 008470528 _____ () C:\Program Files (x86)\OpenOffice.org1.1.0\program\icudt22l.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-08 22:13 - 2018-12-13 06:12 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-12-16 20:37 - 2018-12-13 06:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:14 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 011727696 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-08 22:13 - 2018-12-13 06:16 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-16 20:37 - 2018-12-13 06:15 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2017-04-18 04:45 - 2017-04-18 04:45 - 000808960 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 002246144 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 000079360 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 044778704 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\libPokki.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 001413856 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\avcodec-54.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 000164064 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\avutil-51.dll
2018-12-20 00:35 - 2018-12-20 00:35 - 000235744 _____ () C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\avformat-54.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attributes [264]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\ESR ve článcích.xlsx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\graphical abstract.pptx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\Progress report 2015.pdf:com.dropbox.attributes [242]
AlternateDataStreams: C:\Users\Pája\Documents\ESR ve článcích..xlsx:com.dropbox.attributes [256]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 09:37 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB2202A0-6F50-4FC0-B92C-91CA74B40973}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{D5462924-8768-4332-B568-2CE9030B2AEA}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{ED6E2FA2-B544-4982-8537-F6B54EFABBEF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{F2C5BF95-5DF0-411B-8A76-4EF489660ACE}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{17652394-3A18-45D8-80ED-585E8A8FA7DB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{04D06923-D298-47E6-A51D-1DE4DF899D3A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp.)
FirewallRules: [{4FF65943-C0BB-486D-8DF4-BFA4956B392B}] => (Allow) LPort=55100
FirewallRules: [{D976B529-AD82-4730-99A0-C81689C38C30}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo)
FirewallRules: [{D1ED99F8-5891-4A6A-8D40-09DCFFF05A80}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{595D84B2-DD66-476C-9C60-386EE13E6FA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{8A212669-46F5-4530-92AF-0E2E1B9723EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{972AF5F4-B40C-4CAB-9B05-8EBB5E82A691}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{E04CBB3C-59F3-48BA-AECC-65016FA3C3CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{5E56B3A0-5069-472B-B786-CE70962B0019}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{397A5955-EEEF-40EF-830A-774D4475C0F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{0300FF29-0992-4BA8-BD90-FE63B1A5ABF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{FDFF3C38-C82D-4142-A65A-2098AD33CE45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{49C87F97-F265-4C17-BCE4-F9C4E6F92AE7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{2F4CE46F-FF8E-4979-8E05-914B581565AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{D54650BB-9DEB-4C64-A189-126E498F01F4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{6D2F26F6-D0D7-4D88-8E96-54764E108D82}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{19C80DB7-A9D9-4490-A7D2-1BF0C4053322}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{E48B64DD-E2FF-4837-B28F-63FD7FDE9F54}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{D9CC2362-9666-4744-BC82-234F40A034BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{C0D9A4C7-8BD4-44B9-83F0-96088624219E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A9BC7018-9E67-4E0B-8F27-B4CE77C39685}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{48EEEBC1-9282-4D1F-BDA8-9233B277F895}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{74F35348-75C2-4178-A4D1-F16F3E22ED2D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

17-12-2018 15:16:36 Windows Update
22-12-2018 10:16:38 Windows Update
04-01-2019 14:41:24 Windows Update
06-01-2019 12:23:21 Removed McAfee Safe Connect

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2019 12:28:58 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (4100) WebCacheLocal: An attempt to open the file "C:\Users\Pája\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avastm) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avast) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:22:13 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).


System errors:
=============
Error: (01/05/2019 11:12:35 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (01/04/2019 03:07:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows8_OS.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x2000000032117. The name of the file is "<unable to determine file name>".

Error: (01/04/2019 03:06:11 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows8_OS.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000005642d. The name of the file is "<unable to determine file name>".

Error: (01/04/2019 02:42:03 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/04/2019 02:41:33 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/04/2019 09:34:37 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:17:02 on ‎31. ‎12. ‎2018 was unexpected.

Error: (12/31/2018 09:16:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.

Error: (12/24/2018 03:43:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avast Antivirus service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 5000 milliseconds: Run the configured recovery program.


Windows Defender:
===================================
Date: 2018-09-15 21:08:02.838
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {60B3DF77-3A9C-4FBC-9C50-D8F4830DF7BF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 21:00:38.542
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {760F0CCF-9CA1-4D02-8E0A-D7D1C9416A75}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:58:37.059
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8EE771B3-2648-4AB3-B868-46A5422D97A1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 09:46:10.566
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8B045A70-DE0F-44F7-91D0-FE091FE38EF8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 04:20:51.586
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {44849852-4FD2-4AE8-9D2F-D344165FF8F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:37:05.842
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2018-09-15 19:37:04.235
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Date: 2018-09-15 19:35:20.184
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.

CodeIntegrity:
===================================

Date: 2018-09-06 04:20:54.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 14:19:36.171
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 09:33:11.644
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 30%
Total physical RAM: 7128.26 MB
Available physical RAM: 4929.43 MB
Total Virtual: 8280.26 MB
Available Virtual: 6233.82 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.06 GB) (Free:687.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.96 GB) NTFS
Drive e: (Pavla_DVD1) (CDROM) (Total:3.82 GB) (Free:0 GB) UDF

\\?\Volume{8d6ddfd7-1708-4de8-b05e-d3e821b2e0ba}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{6a012311-1a48-46c0-82c3-7b5a3e420d30}\ (PBR_DRV) (Fixed) (Total:14.12 GB) (Free:4.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A9F4670)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím o preventivní kontrolu

Napsal: 06 led 2019 21:48
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Prosím o preventivní kontrolu

Napsal: 07 led 2019 18:33
od curt-xx
# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-07-2019
# Duration: 00:00:03
# OS: Windows 8.1
# Cleaned: 18
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Pokki
Deleted C:\Users\Public\Pokki
Not Deleted C:\Users\Pája\AppData\Local\SweetLabs App Platform

***** [ Files ] *****

Deleted C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\SweetLabs App Platform

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted HKCU\Software\SweetLabs App Platform
Deleted HKCU\Software\Classes\lnkfile\shell\pokki
Deleted HKCU\Software\Classes\Drive\shell\pokki
Deleted HKCU\Software\Classes\Directory\shell\pokki
Deleted HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
Deleted HKCU\Software\Classes\pokki
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM1
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM0
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6953C01F-8746-45BC-95B8-E719D3FD94F8}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SweetLabs App Platform

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2910 octets] - [07/01/2019 18:29:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Prosím o preventivní kontrolu

Napsal: 08 led 2019 21:08
od Conder
:arrow: Poprosim o obidva nove logy z FRST.

Re: Prosím o preventivní kontrolu

Napsal: 09 led 2019 19:38
od curt-xx
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.01.2019
Ran by Pája (administrator) on LENOVIK (09-01-2019 19:36:06)
Running from C:\Users\Pája\Desktop
Loaded Profiles: Pája (Available Profiles: Pája)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Lenovo PhoneCompanion\adb.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org1.1.0\program\soffice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Google) C:\Users\Pája\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe
(Google) C:\Users\Pája\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe
(Google) C:\Users\Pája\AppData\Local\Google\Chrome\User Data\SwReporter\36.184.200\software_reporter_tool.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2014-02-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-11-28] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-11-28] (Lenovo(beijing) Limited)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4049216 2018-12-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-06] (AVAST Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] ()
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Technologies S.A.)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19554936 2018-11-28] (Piriform Software Ltd)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\RunOnce: [Application Restart #3] => C:\Users\Pája\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8992976 2018-12-20] (Pokki)
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\MountPoints2: {862d4998-d387-11e4-8264-acb57daeec0e} - "F:\LaunchU3.exe" -a
HKLM\...\Drivers32-x32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-16] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2014-11-28] ()
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\windows\system32\AthCredentialProvider.dll [2014-02-26] (Qualcomm®Atheros®)
Startup: C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 1.1.0.lnk [2015-03-22]
ShortcutTarget: OpenOffice.org 1.1.0.lnk -> C:\Program Files (x86)\OpenOffice.org1.1.0\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{919F770A-BB88-4F92-BBD3-908315F5233B}: [DhcpNameServer] 150.209.1.3
Tcpip\..\Interfaces\{EC69B7E1-3AC6-4622-9CDB-5AFB221405D6}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> DefaultScope {A7367628-0795-4135-885F-D89E7826F88E} URL =
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> {A7367628-0795-4135-885F-D89E7826F88E} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-12-25] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-22] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default [2019-01-09]
CHR Extension: (Slides) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-20]
CHR Extension: (Docs) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-20]
CHR Extension: (Google Drive) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (Google Search) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-30]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2018-09-23]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-12-31]
CHR Extension: (Sheets) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-05]
CHR Extension: (Avast Online Security) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-29]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-06-14]
CHR Extension: (Skype) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-20]
CHR Extension: (Norton Safe) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2017-10-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-01]
CHR Extension: (Gmail) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Pája\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKU\S-1-5-21-2296160937-1354267295-71492202-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-19] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-06] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-06] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-02] (Dropbox, Inc.)
R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2018-12-13] (Dropbox, Inc.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-10-09] (ELAN Microelectronics Corp.)
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [533760 2014-06-03] (Lenovo)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-05-22] (LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-11-28] (Lenovo(beijing) Limited)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-08-24] (Lenovo)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-11-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2014-11-28] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-25] ()
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2014-11-28] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-26] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aftap0901; C:\windows\system32\DRIVERS\aftap0901.sys [48624 2018-03-06] (The OpenVPN Project)
S3 amdkmcsp; C:\windows\system32\DRIVERS\amdkmcsp.sys [101232 2017-06-12] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-12] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\windows\System32\DRIVERS\amdpsp.sys [243048 2017-06-12] (Advanced Micro Devices, Inc. )
R2 APXACC; C:\windows\system32\DRIVERS\appexDrv.sys [224992 2013-11-01] (AppEx Networks Corporation)
R0 aswArDisk; C:\windows\System32\drivers\aswArDisk.sys [37304 2019-01-06] (AVAST Software)
R1 aswArPot; C:\windows\System32\drivers\aswArPot.sys [203488 2019-01-06] (AVAST Software)
R1 aswbidsdriver; C:\windows\System32\drivers\aswbidsdriver.sys [220688 2019-01-06] (AVAST Software)
R0 aswbidsh; C:\windows\System32\drivers\aswbidsh.sys [196264 2019-01-06] (AVAST Software)
R0 aswblog; C:\windows\System32\drivers\aswblog.sys [320888 2019-01-06] (AVAST Software)
R0 aswbuniv; C:\windows\System32\drivers\aswbuniv.sys [58160 2019-01-06] (AVAST Software)
R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [239808 2019-01-06] (AVAST Software)
S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46584 2019-01-06] (AVAST Software)
R1 aswKbd; C:\windows\System32\drivers\aswKbd.sys [42488 2019-01-06] (AVAST Software)
R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [166472 2019-01-06] (AVAST Software)
R1 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [111992 2019-01-06] (AVAST Software)
R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [88144 2019-01-06] (AVAST Software)
R1 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1034056 2019-01-06] (AVAST Software)
R1 aswSP; C:\windows\System32\drivers\aswSP.sys [474648 2019-01-06] (AVAST Software)
R2 aswStm; C:\windows\System32\drivers\aswStm.sys [218056 2019-01-06] (AVAST Software)
R0 aswVmm; C:\windows\System32\drivers\aswVmm.sys [380144 2019-01-06] (AVAST Software)
R3 athr; C:\windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-07] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-12] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-26] (Qualcomm Atheros)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [25248 2015-12-22] (Lenovo Group Limited (R))
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [9105624 2014-01-21] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-09 19:35 - 2019-01-09 19:35 - 000000000 ____D C:\Users\Pája\Desktop\FRST-OlderVersion
2019-01-07 18:39 - 2019-01-07 18:39 - 000362491 _____ C:\Users\Pája\Downloads\optimalni_nastaveni_elektronickych_vypisu.pdf
2019-01-07 18:39 - 2019-01-07 18:39 - 000088251 _____ C:\Users\Pája\Downloads\CSP_CCR_12_81_0012108854_20181227.PDF
2019-01-07 18:29 - 2019-01-07 18:30 - 000000000 ____D C:\AdwCleaner
2019-01-07 18:27 - 2019-01-07 18:28 - 007320272 _____ (Malwarebytes) C:\Users\Pája\Desktop\adwcleaner_7.2.6.0.exe
2019-01-07 13:07 - 2019-01-07 13:07 - 000167073 _____ C:\Users\Pája\Desktop\Kosík_3_kos.xlsx
2019-01-07 13:02 - 2019-01-07 13:02 - 000169020 _____ C:\Users\Pája\Downloads\Kosík_3 (1).xlsx
2019-01-06 18:35 - 2019-01-06 18:35 - 940821296 _____ C:\windows\MEMORY.DMP
2019-01-06 18:35 - 2019-01-06 18:35 - 000281584 _____ C:\windows\Minidump\010619-23250-01.dmp
2019-01-06 12:45 - 2019-01-06 12:45 - 000055936 _____ C:\Users\Pája\Desktop\Addition.txt
2019-01-06 12:43 - 2019-01-09 19:36 - 000022472 _____ C:\Users\Pája\Desktop\FRST.txt
2019-01-06 12:43 - 2019-01-09 19:36 - 000000000 ____D C:\FRST
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\rsit
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-01-06 12:34 - 2019-01-06 12:33 - 000037304 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000320888 _____ (AVAST Software) C:\windows\system32\Drivers\aswblog.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000220688 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000196264 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-01-06 12:34 - 2019-01-06 12:32 - 000058160 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-01-06 12:33 - 2019-01-06 12:33 - 000361352 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-01-06 12:27 - 2019-01-09 19:35 - 002425344 _____ (Farbar) C:\Users\Pája\Desktop\FRST64.exe
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ C:\Users\Pája\Desktop\RSITx64.exe
2019-01-05 22:25 - 2019-01-05 22:25 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2019-01-05 22:25 - 2019-01-05 22:25 - 000002804 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2019-01-05 22:25 - 2019-01-05 22:25 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-05 22:25 - 2019-01-05 22:25 - 000000000 ____D C:\Program Files\CCleaner
2019-01-04 21:40 - 2019-01-05 22:55 - 000000000 ____D C:\windows\System32\Tasks\Remediation
2018-12-24 15:46 - 2018-12-24 15:46 - 000052328 _____ () C:\windows\system32\Drivers\staport.sys
2018-12-24 15:43 - 2018-12-24 15:43 - 000000000 _____ C:\windows\SysWOW64\last.dump
2018-12-23 09:51 - 2018-12-23 09:55 - 000000000 ____D C:\Users\Pája\Desktop\Kosátko
2018-12-23 09:32 - 2018-12-23 09:34 - 000000000 ____D C:\Users\Pája\Desktop\flash 201812
2018-12-22 10:30 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-12-22 10:30 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-12-17 14:58 - 2018-12-17 22:04 - 001649061 _____ C:\Users\Pája\Downloads\Kosík_3.xlsx
2018-12-17 14:58 - 2018-12-17 14:58 - 000000165 ____H C:\Users\Pája\Downloads\~$Kosík_3.xlsx
2018-12-16 21:28 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-12-16 21:28 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2018-12-16 21:28 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2018-12-16 21:28 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-12-16 21:28 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-12-16 21:28 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-12-16 21:28 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-12-16 21:28 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-12-16 21:28 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-12-16 21:28 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-12-16 21:28 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-12-16 21:28 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-12-16 21:28 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tm.sys
2018-12-16 21:28 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-12-16 21:28 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll
2018-12-16 21:28 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-12-16 21:28 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-12-16 21:28 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll
2018-12-16 21:28 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-12-16 21:28 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-12-16 21:28 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-12-16 21:28 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-12-16 21:28 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-12-16 21:28 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-12-16 21:28 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\windows\system32\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Globalization.dll
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\SysWOW64\locale.nls
2018-12-16 21:28 - 2018-10-05 16:18 - 000513376 _____ C:\windows\system32\locale.nls
2018-12-16 21:27 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-12-16 21:27 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-12-16 21:27 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-12-16 21:27 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-12-16 21:27 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-12-16 21:27 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-12-16 21:27 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-12-16 21:27 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\windows\system32\GlobCollationHost.dll
2018-12-16 21:27 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\windows\SysWOW64\GlobCollationHost.dll
2018-12-16 20:37 - 2018-12-16 20:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-13 06:12 - 2018-12-13 06:12 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys
2018-12-13 06:12 - 2018-12-13 06:12 - 000047800 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-09 19:16 - 2016-10-02 16:04 - 000000920 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-09 19:09 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2019-01-09 19:07 - 2015-03-05 07:59 - 000003594 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2296160937-1354267295-71492202-1002
2019-01-09 19:02 - 2015-10-11 20:04 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-01-09 18:50 - 2015-03-05 07:57 - 000003918 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A4127C0C-E430-420C-98E4-4677B5D74F72}
2019-01-09 18:49 - 2014-11-28 05:23 - 000734494 _____ C:\windows\system32\perfh005.dat
2019-01-09 18:49 - 2014-11-28 05:23 - 000148824 _____ C:\windows\system32\perfc005.dat
2019-01-09 18:49 - 2014-03-18 10:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2019-01-09 18:49 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2019-01-09 18:48 - 2016-10-02 16:08 - 000000000 ___RD C:\Users\Pája\Dropbox
2019-01-09 18:47 - 2016-10-02 16:04 - 000000916 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-07 18:41 - 2015-06-28 11:25 - 000001279 _____ C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wi-FiHotspotChgToast.lnk
2019-01-07 18:41 - 2014-11-28 05:39 - 000000000 ____D C:\ProgramData\LU
2019-01-07 18:31 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-01-07 18:30 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája
2019-01-07 18:30 - 2014-11-28 05:25 - 000004608 _____ C:\windows\system32\VfService.trf
2019-01-07 13:02 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\Packages
2019-01-07 12:56 - 2015-03-05 07:53 - 000000000 ____D C:\Users\Pája\AppData\Local\SweetLabs App Platform
2019-01-06 18:35 - 2015-09-11 00:04 - 000000000 ____D C:\windows\Minidump
2019-01-06 15:25 - 2017-01-22 15:37 - 000050176 ___SH C:\Users\Pája\Desktop\Thumbs.db
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files\Google
2019-01-06 12:37 - 2016-02-21 19:23 - 000000000 ____D C:\Program Files (x86)\Google
2019-01-06 12:37 - 2015-03-29 20:51 - 000000000 ____D C:\ProgramData\Norton
2019-01-06 12:36 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2019-01-06 12:35 - 2018-06-06 08:08 - 000003910 _____ C:\windows\System32\Tasks\Avast Emergency Update
2019-01-06 12:33 - 2018-10-23 17:50 - 000042488 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000474648 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000380144 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000239808 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000218056 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000203488 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000166472 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000111992 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000088144 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-01-06 12:33 - 2018-06-06 08:07 - 000046584 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys
2019-01-06 12:33 - 2018-06-06 08:03 - 000000000 ____D C:\ProgramData\AVAST Software
2019-01-06 12:32 - 2018-06-06 08:07 - 001034056 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-01-06 12:28 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2019-01-06 12:25 - 2018-10-23 18:00 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2019-01-05 23:09 - 2016-02-21 19:23 - 000000000 ____D C:\Users\Pája\AppData\Local\Google
2019-01-05 22:55 - 2013-08-22 16:36 - 000000000 ___HD C:\windows\ELAMBKUP
2019-01-05 22:55 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2019-01-05 22:34 - 2018-06-06 08:13 - 000000000 ____D C:\Users\Pája\AppData\Local\AVAST Software
2019-01-05 22:28 - 2015-03-27 21:02 - 000000000 ____D C:\Users\Pája\AppData\Local\CrashDumps
2019-01-05 22:28 - 2014-04-03 20:15 - 000000000 ____D C:\windows\Panther
2019-01-05 22:26 - 2015-03-29 21:39 - 000528896 ___SH C:\Users\Pája\Downloads\Thumbs.db
2019-01-04 14:20 - 2016-02-21 19:22 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-24 15:46 - 2018-06-06 08:11 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-12-22 11:26 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2018-12-22 10:24 - 2015-03-11 23:32 - 000000000 ____D C:\windows\system32\MRT
2018-12-22 10:17 - 2015-03-11 23:32 - 137260640 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-12-22 10:06 - 2016-02-21 19:23 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-22 10:06 - 2016-02-21 19:23 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-19 12:47 - 2013-08-22 15:44 - 000501992 _____ C:\windows\system32\FNTCACHE.DAT
2018-12-17 15:29 - 2013-08-22 14:25 - 000000188 _____ C:\windows\win.ini
2018-12-16 20:53 - 2016-02-21 19:24 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-16 20:53 - 2016-02-21 19:24 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-16 20:38 - 2016-10-02 16:04 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-10 23:04 - 2015-03-29 20:43 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-03-22 11:02 - 2015-03-22 11:02 - 000000091 _____ () C:\Users\Pája\AppData\Roaming\sversion.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-04 14:41

==================== End of FRST.txt ============================

Re: Prosím o preventivní kontrolu

Napsal: 09 led 2019 19:39
od curt-xx
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.01.2019
Ran by Pája (09-01-2019 19:37:12)
Running from C:\Users\Pája\Desktop
Windows 8.1 (Update) (X64) (2015-03-05 06:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2296160937-1354267295-71492202-500 - Administrator - Disabled)
Guest (S-1-5-21-2296160937-1354267295-71492202-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2296160937-1354267295-71492202-1004 - Limited - Enabled)
Pája (S-1-5-21-2296160937-1354267295-71492202-1002 - Administrator - Enabled) => C:\Users\Pája

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20069 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 29.0.0.112 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{665D4B18-EA91-BE16-3212-218C63F5DC4E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.8.0 - AppEx Networks)
ANT Drivers Installer x64 (HKLM\...\{15DDA7AF-3E5C-49CC-B57C-8926F09405A6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.141.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.50 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.52 - Conexant)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 63.4.107 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{68D32366-4505-43D2-A1F5-EF4B645207D6}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Garmin Express (HKLM-x32\...\{21a6db39-b3c0-447d-85d7-39dcf1703e3e}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{73CA3D46-6F24-43AA-ABE9-15341B96FF53}) (Version: 6.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Image Studio Lite 5.2 (HKLM\...\Image Studio Lite_is1) (Version: 5.2.5 - LI-COR, Inc.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.36.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{558E50EE-5E2D-479A-A455-8A826191583B}) (Version: 3.3.004.00 - Lenovo)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Mendeley Desktop 1.13.4 (HKLM-x32\...\Mendeley Desktop) (Version: 1.13.4 - Mendeley Ltd.)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{27710125-9C94-0EEE-7A40-39C60DFF7ECA}_is1) (Version: for Windows - )
microsoft office 2013 plna verze cz zdarma version for Windows (HKLM-x32\...\{C5EBDB82-27D7-857C-D956-2955F2F463D8}_is1) (Version: for Windows - )
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenOffice.org 1.1.0 (HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\OpenOffice.org 1.1.0) (Version: 1.1.0 - Sun Microsystems, Inc. for the OpenOffice.org-Community)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4461557) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BB7D10A9-A135-4EB8-82F1-8A25FEB1B327}) (Version: - Microsoft)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.3 - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.9 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2014-02-26] (Qualcomm®Atheros®)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-04-19] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-12-13] (Dropbox, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-06] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {001C0A50-B78A-41EB-AAB6-90A2C42DC9E0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-11-23] (AVAST Software)
Task: {09F3A657-8465-4CCF-B84F-E0E24D6F566F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {0F7F2CCA-99AB-460F-94CB-661FE7970A80} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-28] (Piriform Software Ltd)
Task: {24C19A5F-DB50-4252-8BA4-38B58DFA098D} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe [2016-08-24] ()
Task: {2E7ED8E2-EAEC-4B9A-BB60-B6E0B9B2B986} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {3191FC82-130C-4291-A8A6-7D1FC176827C} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {3363AB4C-CCD0-47EB-9869-AFF314AAEBF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {65F9FFA1-B6B0-4996-8E1B-77A0E3394B83} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {69B54E35-E81E-41CD-8749-1ECD91BACCDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {71DC6258-DE8F-4126-9DA7-2FAE7AA559A4} - System32\Tasks\{C44BFDFE-5BB3-4750-AD4D-76A99B22868E} => c:\program files (x86)\avast software\browser\application\avastbrowser.exe
Task: {762E607F-18EF-4716-90AD-3DEAF05AD2B8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {76810D45-A05E-48FD-9989-EA1B59802BC1} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-08-24] (Lenovo)
Task: {842DDCD8-67D5-4224-862F-B2D47550D5AE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {842F41F0-CC4F-480C-8292-2ACC5A2CC013} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-06] (AVAST Software)
Task: {878EAE75-5104-4D74-9862-FB797EA8BB31} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {9DF04557-035A-4B46-8377-7E49DCAA0F88} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {A91B072E-3A28-4A98-B2F0-89CC6726A411} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {AFE0C5E0-33C9-46DA-A03C-4E97FF6749A5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-11-28] ()
Task: {B417B4A0-FC95-495C-BC30-8765672825D7} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {B5E5F1C5-9A31-4665-B14E-80DBE84D418A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {C4F1D9F4-F47D-4E67-BC51-E6DF188EF864} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-08-24] (Lenovo)
Task: {E40D9130-F145-4FFA-8B13-C99BF3E745B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-28] (Piriform Ltd)
Task: {FACB164D-1347-45A0-A8D1-65407CDCF3E8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-10-02] (Dropbox, Inc.)
Task: {FDA7A9B1-F138-47DE-ABC1-4C2F03756CA2} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {FF359F9B-F57D-4A46-97E3-79B08B4BA48C} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-02-20 08:01 - 2015-02-20 08:01 - 000022528 _____ () C:\windows\System32\us001lm.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-11-28 05:21 - 2012-04-25 03:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-11-28 05:25 - 2014-11-28 05:25 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-11-28 05:25 - 2014-11-28 05:25 - 000815104 _____ () C:\Program Files\Lenovo PhoneCompanion\adb.exe
2014-02-26 07:14 - 2014-02-26 07:14 - 000011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-26 07:11 - 2014-02-26 07:11 - 000086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-26 07:17 - 2014-02-26 07:17 - 000012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-11-28 04:46 - 2010-10-26 21:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 21:50 - 2014-11-28 05:29 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-06 12:33 - 2019-01-06 12:33 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-04-19 07:12 - 2014-04-19 07:12 - 000102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-04-18 04:45 - 2017-04-18 04:45 - 001227264 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 067109376 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2018-11-28 11:57 - 2018-11-28 11:57 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2003-10-06 01:10 - 2003-10-06 01:10 - 008470528 _____ () C:\Program Files (x86)\OpenOffice.org1.1.0\program\icudt22l.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 001140552 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-12-16 20:37 - 2018-12-13 06:12 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000148968 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001878888 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-08 22:13 - 2018-12-13 06:12 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-12-16 20:37 - 2018-12-13 06:15 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000062304 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:14 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000092496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt562.sip.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:12 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 011727696 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:12 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-08 22:13 - 2018-12-13 06:16 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-12-16 20:37 - 2018-12-13 06:15 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-08 22:13 - 2018-12-13 06:16 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-11-08 22:13 - 2018-12-13 06:16 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-12-16 20:37 - 2018-12-13 06:15 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2017-04-18 04:45 - 2017-04-18 04:45 - 000808960 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 002246144 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-09 22:49 - 2017-04-09 22:49 - 000079360 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attributes [264]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\ESR ve článcích.xlsx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\graphical abstract.pptx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\Progress report 2015.pdf:com.dropbox.attributes [242]
AlternateDataStreams: C:\Users\Pája\Documents\ESR ve článcích..xlsx:com.dropbox.attributes [256]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2019-01-04 09:37 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Lenovo\FusionEngine;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Pája\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{CB2202A0-6F50-4FC0-B92C-91CA74B40973}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{D5462924-8768-4332-B568-2CE9030B2AEA}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (Lenovo)
FirewallRules: [{ED6E2FA2-B544-4982-8537-F6B54EFABBEF}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp.)
FirewallRules: [{F2C5BF95-5DF0-411B-8A76-4EF489660ACE}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp.)
FirewallRules: [{17652394-3A18-45D8-80ED-585E8A8FA7DB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp.)
FirewallRules: [{04D06923-D298-47E6-A51D-1DE4DF899D3A}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp.)
FirewallRules: [{4FF65943-C0BB-486D-8DF4-BFA4956B392B}] => (Allow) LPort=55100
FirewallRules: [{D976B529-AD82-4730-99A0-C81689C38C30}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo)
FirewallRules: [{D1ED99F8-5891-4A6A-8D40-09DCFFF05A80}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{595D84B2-DD66-476C-9C60-386EE13E6FA2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{8A212669-46F5-4530-92AF-0E2E1B9723EF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{972AF5F4-B40C-4CAB-9B05-8EBB5E82A691}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{E04CBB3C-59F3-48BA-AECC-65016FA3C3CF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{5E56B3A0-5069-472B-B786-CE70962B0019}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe (Microsoft Corporation)
FirewallRules: [{397A5955-EEEF-40EF-830A-774D4475C0F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{0300FF29-0992-4BA8-BD90-FE63B1A5ABF1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation)
FirewallRules: [{FDFF3C38-C82D-4142-A65A-2098AD33CE45}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{49C87F97-F265-4C17-BCE4-F9C4E6F92AE7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{2F4CE46F-FF8E-4979-8E05-914B581565AD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{D54650BB-9DEB-4C64-A189-126E498F01F4}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{6D2F26F6-D0D7-4D88-8E96-54764E108D82}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{19C80DB7-A9D9-4490-A7D2-1BF0C4053322}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{E48B64DD-E2FF-4837-B28F-63FD7FDE9F54}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
FirewallRules: [{D9CC2362-9666-4744-BC82-234F40A034BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{C0D9A4C7-8BD4-44B9-83F0-96088624219E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{A9BC7018-9E67-4E0B-8F27-B4CE77C39685}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{48EEEBC1-9282-4D1F-BDA8-9233B277F895}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{74F35348-75C2-4178-A4D1-F16F3E22ED2D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)

==================== Restore Points =========================

22-12-2018 10:16:38 Windows Update
04-01-2019 14:41:24 Windows Update
06-01-2019 12:23:21 Removed McAfee Safe Connect
09-01-2019 19:00:21 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2019 01:23:22 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80070005).

Error: (01/06/2019 12:28:58 PM) (Source: ESENT) (EventID: 490) (User: )
Description: DllHost (4100) WebCacheLocal: An attempt to open the file "C:\Users\Pája\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avastm) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddWin32ServiceFiles: Unable to back up image of service Služba %1!s! Update (avast) since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary EraserUtilRebootDrv.

System Error:
The system cannot find the file specified.
.

Error: (01/06/2019 12:23:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Eraser Control driver.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (01/09/2019 07:35:16 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a45\??\C:\windows\AppCompat\Programs\Amcache.hve

Error: (01/09/2019 07:11:44 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume Windows8_OS.

The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x100000005642d. The name of the file is "<unable to determine file name>".

Error: (01/09/2019 07:00:47 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (01/09/2019 07:00:16 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/07/2019 06:53:50 PM) (Source: DCOM) (EventID: 10010) (User: LENOVIK)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (01/07/2019 06:30:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The VeriFaceSrv service terminated unexpectedly. It has done this 1 time(s).

Error: (01/07/2019 06:30:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (01/07/2019 06:30:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Conexant SmartAudio service service terminated unexpectedly. It has done this 1 time(s).


Windows Defender:
===================================
Date: 2018-09-15 21:08:02.838
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {60B3DF77-3A9C-4FBC-9C50-D8F4830DF7BF}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 21:00:38.542
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {760F0CCF-9CA1-4D02-8E0A-D7D1C9416A75}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:58:37.059
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8EE771B3-2648-4AB3-B868-46A5422D97A1}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 09:46:10.566
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8B045A70-DE0F-44F7-91D0-FE091FE38EF8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-06 04:20:51.586
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {44849852-4FD2-4AE8-9D2F-D344165FF8F4}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:40:52.848
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070020
Error description: The process cannot access the file because it is being used by another process.

Date: 2018-09-15 19:37:05.842
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x80070643
Error description: Fatal error during installation.

Date: 2018-09-15 19:37:04.235
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version:
Update Source: User
Signature Type:
Update Type:
Current Engine Version:
Previous Engine Version:
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.

Date: 2018-09-15 19:35:20.184
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.275.771.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15200.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.

CodeIntegrity:
===================================

Date: 2018-09-06 04:20:54.833
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 14:19:36.171
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-11 09:33:11.644
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 30%
Total physical RAM: 7128.26 MB
Available physical RAM: 4921.6 MB
Total Virtual: 14296.26 MB
Available Virtual: 11857.01 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.06 GB) (Free:679.2 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.96 GB) NTFS
Drive e: (Pavla_DVD1) (CDROM) (Total:3.82 GB) (Free:0 GB) UDF

\\?\Volume{8d6ddfd7-1708-4de8-b05e-d3e821b2e0ba}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{6a012311-1a48-46c0-82c3-7b5a3e420d30}\ (PBR_DRV) (Fixed) (Total:14.12 GB) (Free:4.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2A9F4670)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím o preventivní kontrolu

Napsal: 09 led 2019 21:31
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
File: C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
File: C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
File: C:\windows\system32\pla.dll
Folder: C:\Users\Pája\AppData\Local\SweetLabs App Platform
Folder: C:\windows\Minidump
Zip: C:\windows\Minidump

HKU\S-1-5-21-2296160937-1354267295-71492202-1002\...\MountPoints2: {862d4998-d387-11e4-8264-acb57daeec0e} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-2296160937-1354267295-71492202-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> DefaultScope {A7367628-0795-4135-885F-D89E7826F88E} URL = 
SearchScopes: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> {A7367628-0795-4135-885F-D89E7826F88E} URL = 
Toolbar: HKU\S-1-5-21-2296160937-1354267295-71492202-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF HKLM-x32\...\Firefox\Extensions: [{40211632-250D-4B8C-B04E-DA45BAE6DF8C}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.5.0.19\coFFPlgn => not found
CHR NewTab: Default ->  Not-active:"chrome-extension://ejbdobdndcjhdmljipngpeoekdinlohe/homePageRedirect.html"
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 deikbbou; \??\C:\windows\system32\drivers\deikbbou.sys [X]
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160819.008\EX64.SYS [X]
2019-01-09 19:35 - 2019-01-09 19:35 - 000000000 ____D C:\Users\Pája\Desktop\FRST-OlderVersion
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\rsit
2019-01-06 12:42 - 2019-01-06 12:42 - 000000000 ____D C:\Program Files\trend micro
2019-01-06 12:27 - 2019-01-06 12:27 - 001222144 _____ C:\Users\Pája\Desktop\RSITx64.exe
2019-01-06 12:25 - 2018-10-23 18:00 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication-staré.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attributes [264]
AlternateDataStreams: C:\Users\Pája\Desktop\DEHP_publication_final.docx:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\EGFP:com.dropbox.attrs [58]
AlternateDataStreams: C:\Users\Pája\Desktop\ESR ve článcích.xlsx:com.dropbox.attributes [256]
AlternateDataStreams: C:\Users\Pája\Desktop\graphical abstract.pptx:com.dropbox.attributes [168]
AlternateDataStreams: C:\Users\Pája\Desktop\Progress report 2015.pdf:com.dropbox.attributes [242]
AlternateDataStreams: C:\Users\Pája\Documents\ESR ve článcích..xlsx:com.dropbox.attributes [256]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
C:\Users\Pája\AppData\Local\SweetLabs App Platform

Hosts:
EmptyTemp:
End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: Na ploche by sa mal vytvorit ZIP archiv s aktualnym datumom a casom v nazve, nahraj ho napr. na leteckaposta.cz a posli odkaz na stiahnutie.

Re: Prosím o preventivní kontrolu

Napsal: 12 led 2019 15:50
od curt-xx
Dobrý den, zeptám se možná úplně hloupě, ale tenhle úkon ty věci promaže? Jde mi o to, že v tom seznamu vidím např. DEPH, což jsou pracovní věci či články sdílené na dropboxu. Omlouvám se, ale raději se ptám, když jsem si toho všiml. děkuji

Re: Prosím o preventivní kontrolu

Napsal: 13 led 2019 03:26
od Conder
Vseobecne sa da povedat, ze "veci" vo fixliste sa zmazu (subory, adresare, hodnoty, kluce v registroch...), pripadne obnovia na predvolene hodnoty (registre), avsak treba brat do uvahy cely riadok, hlavne jeho zaciatok. Pri tych "DEHP veciach" a dalsich riadkoch zacinajucich s "AlternateDataStreams:" sa dane subory nezmazu, zmaze sa iba tzv. Alternative Data Stream (ADS) daneho suboru. ADS vacsinou preventivne premazavame vsetky. V tomto pripade sa podla nazvu jedna zrejme o nejake metadata Dropboxu, teda nic neskodne, tak kludne mozes pre "pokoj v dusi" tie riadky zacinajuce s "AlternateDataStreams:" odstranit.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz