VIRY.CZ

Zdravím, prosím o kontrolu popřípadě radu co změnit. PC je trochu zpomalené, hlavně při prohlížení a načítání webu. Logy jsem přiložil. Bohužel se mi sem nevešel, bylo moc znaků. děkuji

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-15-2019
# Duration: 00:02:15
# OS: Windows 10 Home
# Cleaned: 111
# Failed: 8


***** [ Services ] *****

Deleted WCAssistantService

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Lavasoft\Web Companion
Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\ProgramData\ByteFence
Deleted C:\ProgramData\Lavasoft\Web Companion
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted C:\Users\Martina\AppData\Local\Lavasoft\WEBCOMPANION.EXE_URL_SIQ0LWF3TZGXP2KHFKLLYBK3IDTBEHNG
Deleted C:\Users\Martina\AppData\Roaming\Lavasoft\Web Companion

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\BYTEFENCE
Deleted C:\Windows\System32\Tasks\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}
Deleted C:\Windows\Tasks\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}.job

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\fortnite.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\painttool-sai.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.bytefence.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\fortnite.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hp.myway.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\painttool-sai.en.softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\plarium.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\s.thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\staticimgfarm.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\thebrighttag.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\warthunder.com
Deleted HKCU\Software\CoinisRevShare
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tweakbit.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\warthunder.com
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\ByteFence.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8311A213-4EFA-46CC-8797-5FB7D005C63E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BE009C9-0689-49A6-BBF1-391FAFAE1AD4}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8311A213-4EFA-46CC-8797-5FB7D005C63E}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ByteFence
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{58C776B4-ED8C-FB4C-F7B4-230FF56BE26D}
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|DisplayIcon
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|DisplayName
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7ef214c0-ca42-4c9f-a66c-dd92ca67504b}|UninstallString
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|ByteFence.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKU\.DEFAULT\Software\ByteFence
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\S-1-5-18\Software\ByteFence
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\friday-the-13th-the-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\playerunknowns-battlegrounds.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\friday-the-13th-the-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-game.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
Not Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\playerunknowns-battlegrounds.en.softonic.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkShellExtension Registry HKLM\Software\Classes\CLSID\{3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2}
Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
Deleted Preinstalled.LenovoAcceleratorApplication Folder C:\Program Files (x86)\LENOVO\LENOVOPORTAL
Deleted Preinstalled.LenovoAcceleratorApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{10672FE6-3D50-4F79-B0C7-A5573A5D415D}
Deleted Preinstalled.LenovoCCSDK Folder C:\Program Files (x86)\LENOVO\CCSDK
Deleted Preinstalled.LenovoCCSDK Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{67827BB6-4B05-6181-921A-E49FC484E859}
Deleted Preinstalled.LenovoExperienceImprovement Folder C:\Program Files\LENOVO\EXPERIENCEIMPROVEMENT
Deleted Preinstalled.LenovoExperienceImprovement Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LenovoExperienceImprovement
Deleted Preinstalled.LenovoIMController Folder C:\Program Files (x86)\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Program Files\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\ProgramData\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Users\Martina\AppData\Local\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\Tasks\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Folder C:\Windows\System32\drivers\LENOVO\IMCONTROLLER
Deleted Preinstalled.LenovoIMController Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{1720B0E0-C520-43A6-B677-97A1D80F3B99}
Deleted Preinstalled.LenovoPhotoMaster Folder C:\Program Files (x86)\LENOVO\LENOVO PHOTO MASTER
Deleted Preinstalled.LenovoPhotoMaster Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{BC94C56A-3649-420C-8756-2ADEBE399D33}
Deleted Preinstalled.LenovoPower2Go Folder C:\Program Files (x86)\LENOVO\POWER2GO
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer_For_P2G8
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLVirtualDrive
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6344FAA8-B41D-4CD7-95E0-A5F9FF2F9BA0}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PDVDServ12 Task
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Task C:\Windows\System32\Tasks\PDVDSERV12 TASK
Deleted Preinstalled.LenovoQuickOptimizer Folder C:\Program Files\LENOVO\QUICKOPTIMIZER
Deleted Preinstalled.LenovoQuickOptimizer Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}
Deleted Preinstalled.LenovoREACHit Folder C:\Program Files (x86)\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Folder C:\Users\Martina\AppData\Local\LENOVO\REACHIT
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Classes\CLSID\{2B3256D4-49AA-11D1-8429-0050AE509033}
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{2B3256D4-49AA-11D1-8429-0050AE509033}
Deleted Preinstalled.LenovoREACHit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}
Deleted Preinstalled.LenovoSHAREit Folder C:\Program Files (x86)\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Folder C:\Users\Martina\AppData\Local\LENOVO\SHAREIT
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Classes\CLSID\{430BD134-576D-4E75-87CD-0F5C6221A82B}
Deleted Preinstalled.LenovoSHAREit Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\SHAREit_is1
Deleted Preinstalled.LenovoSolutionCenter Folder C:\Program Files\LENOVO\LENOVO SOLUTION CENTER
Deleted Preinstalled.LenovoSolutionCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{52753916-613B-4455-8022-A146CC17B1F6}
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|LenovoUtility
Deleted Preinstalled.LenovoUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|LenovoUtility


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [583575 octets] - [15/11/2019 16:58:33]
AdwCleaner[S00].txt - [18747 octets] - [15/11/2019 17:01:12]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Poprosim o obidva nove logy z FRST.

nové logy

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  CMD: type "C:\Users\Martina\AppData\Roaming\WB.CFG"
  
  Task: {10052ADC-2A7D-4FB3-8E96-AC6D070AECFD} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  Task: {3E508A05-7F5D-4961-B126-18782C4C418E} - \CCleanerSkipUAC -> No File <==== ATTENTION
  Task: {51199476-BD91-421B-BB35-CE56CBB28E51} - \Lenovo\ImController\Lenovo iM Controller Monitor -> No File <==== ATTENTION
  Task: {61AB3B1E-24A7-4E4B-87B8-F7F3EC89D3BA} - \Lenovo\ImController\TimeBasedEvents\b81433ec-6f44-4f74-b3d5-9e83ebebaa52 -> No File <==== ATTENTION
  Task: {7E73EFAC-0FEF-401F-B66A-D89CFFD5D899} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> No File <==== ATTENTION
  Task: {7F5CC40C-DC7A-46EC-A3C3-DB5DE72A48E6} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> No File <==== ATTENTION
  Task: {9C454C84-BA88-4667-9E06-01CD405D3BCC} - \Lenovo\ImController\TimeBasedEvents\cbfda1d6-6d9a-4768-861b-deda0ce28ad5 -> No File <==== ATTENTION
  Task: {F0B9BE25-1053-45A8-9C7A-6FEFEC67BB03} - \Lenovo\ImController\TimeBasedEvents\00f90f24-89b9-4280-931c-a419bf76d344 -> No File <==== ATTENTION
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://us.search.yahoo.com/yhs/web?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
  HKU\S-1-5-21-1331774177-858288628-842161164-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
  HKU\S-1-5-21-1331774177-858288628-842161164-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
  SearchScopes: HKLM -> DefaultScope {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
  SearchScopes: HKLM -> {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
  SearchScopes: HKLM-x32 -> DefaultScope {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
  SearchScopes: HKLM-x32 -> {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
  SearchScopes: HKU\S-1-5-21-1331774177-858288628-842161164-1001 -> DefaultScope {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
  SearchScopes: HKU\S-1-5-21-1331774177-858288628-842161164-1001 -> {e5badea7-e1c2-fbf1-87ac-061d1440d15b} URL = hxxps://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_18_49_jny_soverj_00_00&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyDtDyB0Bzy0DtAyB0CtCtC0B0CzyzzyEtN0D0TzutN1L2XzuyEtFtAtAtFtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2S1S1O1TyDzz1O1QtCtG1RyD1O1StGyEzy1QtCtG1TtA1OtAtG1PzzyDyE1Pzz1P1Q1QyEzz1Q2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCyDyDtA1TyB1RtDtGyB1StA1QtGyE1RtBtAtGzytAzzzytGzz1PyD1R1StAyC1StDtC1R1T2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1Rzu%26cr%3D1266352145%26a%3Dhdr_s_18_49_jny_soverj_00_00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
  SearchScopes: HKU\S-1-5-21-1331774177-858288628-842161164-1001 -> {F2CAFD61-310C-4FC5-9AF8-0111336BA22A} URL = 
  S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [X]
  S2 FastbootService; "C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe" [X]
  S2 ImControllerService; "%SystemDrive%\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe" [X]
  S2 LenovoPortalService; "C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe" [X]
  S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [X]
  2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\Users\Martina\AppData\Roaming\Lavasoft
  2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\Users\Martina\AppData\Local\Lavasoft
  2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
  2019-11-15 17:19 - 2019-09-10 16:31 - 000000000 ____D C:\Program Files (x86)\Lavasoft
  2019-11-15 17:19 - 2019-09-10 16:30 - 000000000 ____D C:\ProgramData\Lavasoft
  2019-03-29 12:31 - 2019-03-29 12:31 - 000000000 _____ () C:\Users\Martina\AppData\Local\{5CC2ADB2-17C2-4965-8B23-FAAF6BE9DD34}
  CustomCLSID: HKU\S-1-5-21-1331774177-858288628-842161164-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
  ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
  ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
  ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
  ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\friday-the-13th-the-game.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-game.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\playerunknowns-battlegrounds.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\friday-the-13th-the-game.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-game.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\grand-theft-auto-san-andreas-patch.en.softonic.com
  DeleteKey: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\playerunknowns-battlegrounds.en.softonic.com
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj