Please check my log, email is sending out spam
Posted: 02 Feb 2020 18:47
Hello,
please check this for me; I noticed that my email is sending out some spam on its own. Thank you in advance.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-02-2020 02
Ran by Kateřina (administrator) on LAPTOP-LMBQQVTN (LENOVO 80R2) (02-02-2020 18:40:23)
Running from C:\Users\Kateřina\Desktop
Loaded Profiles: Kateřina (Available Profiles: kcver & Kateřina)
Platform: Microsoft Windows 10 Home Version 1803 17134.885 (X86) Language: Slovenština (Slovensko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(3NOD) [File not signed] C:\Windows\3NOD\Lenovokb.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Kateřina\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Power Software Limited -> Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Realtek Semiconductor Corp -> ) C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\tv_w32.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [3nodkey] => C:\Windows\3NOD\LenovoKB.exe [6416384 2015-08-12] (3NOD) [File not signed]
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [103528 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3173840 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [406664 2016-05-25] (Power Software Limited -> Power Software Ltd)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [232840 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [266552 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\Run: [Easy Disk Drive Repair] => C:\Program Files\Zeatron Software\Easy Disk Drive Repair\EasyDiskDriveRepair.exe [483328 2015-01-17] (Zeatron Software) [File not signed]
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kateřina\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Kateřina\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\RunOnce: [Uninstall 19.222.1110.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kateřina\AppData\Local\Microsoft\OneDrive\19.222.1110.0006"
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {24C6AD8D-F43B-4846-B9D2-7DD8483291DF} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {302231E7-C058-4190-A0E8-6117E2BAF219} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-17] (LENOVO -> Lenovo)
Task: {42A961D9-CEFA-4D98-987A-7339498B7611} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270272 2015-07-17] (LENOVO -> Lenovo)
Task: {446DB129-8C88-404C-A5D8-D80235E8C7EE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1542536 2019-09-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {659F8A49-4B8D-4807-B1B5-FADF80AA29D0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {6CF3372F-88CA-4AA4-BF9D-EB3FAF42E2B6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1439104 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {6DCD6F2A-5C33-4871-B76D-E0CF6A2E2F72} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9403328 2015-07-17] (LENOVO -> )
Task: {6F3AF377-953E-43AE-B0C2-A9CF668F586B} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3250056 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {8CB5701B-E1B0-4329-88B8-C5E728D936DD} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {90AA0BCA-EE84-4A3B-BF39-7BAA0100F20B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14636224 2018-12-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9B94587F-53A2-4D48-8CC2-DD9B7D67BD36} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [18932504 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {A821710D-C0CD-4F7B-A122-1CEE3BBED03A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB224C74-AD57-49BB-8DE5-36F634B12460} - System32\Tasks\UninstallMonitor => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe [18937944 2018-10-16] (Innovative Solutions Grup SRL -> Innovative Solutions GRUP SRL)
Task: {B2198A60-F972-4207-AD76-690EDFC0180E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9403328 2015-07-17] (LENOVO -> )
Task: {B35AA63A-7209-41CB-B513-F938283BEE73} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C07FACDF-34F1-4123-9903-54A72E56B111} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [18932504 2020-01-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2BC506F-6DB7-45F3-B626-513FA4CBC091} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320384 2015-07-17] (LENOVO -> Lenovo)
Task: {CB5461D8-35B3-44DC-BD82-68D7EFCE8E99} - System32\Tasks\AupAvUpdate => C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe
Task: {DF54C431-3984-458E-B279-D978C1A353C0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1376144 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA1D29B8-3DBB-4871-9E26-06CF696438C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {F39046F2-71AB-404E-AD34-11E1EF8AD3E8} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {F39046F2-71AB-404E-AD34-11E1EF8AD3E8} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-3793012919-2705438960-3369879477-1004" /ENABLE
Task: {F39046F2-71AB-404E-AD34-11E1EF8AD3E8} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {FE5E4B86-FA9B-4514-93A0-A4D3DD5BB21D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-01-27] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{0536420d-6f45-4c03-9f00-769e7f69022c}: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{49ca41ff-aac6-4d4b-96eb-37e9914a09f3}: [DhcpNameServer] 169.254.73.172
Internet Explorer:
==================
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-17] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
DownloadDir: C:\Users\Kateřina\Downloads
Edge Notifications: HKU\S-1-5-21-3793012919-2705438960-3369879477-1004 -> hxxps://www.facebook.com; hxxps://www.arome.cz; hxxps://www.hamty.cz
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5106064 2019-12-19] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [859096 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 BTDevManager; C:\Program Files\REALTEK\REALTEK Bluetooth\BTDevMgr.exe [147160 2015-07-16] (Realtek Semiconductor Corp -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7278352 2020-01-07] (Microsoft Corporation -> Microsoft Corporation)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [299488 2016-11-28] (Intel(R) pGFX -> Intel Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [108648 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [105576 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [115816 2015-07-29] (Intel Corporation - pGFX -> Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [292832 2016-11-28] (Intel(R) pGFX -> Intel Corporation)
S3 InnovativeSolutions_monitor; C:\Program Files\Common Files\Innovative Solutions\Advanced Uninstaller\InnovativeSolutions_monitor_Svr.exe [1065560 2018-10-16] (Innovative Solutions Grup SRL -> )
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-17] (LENOVO -> Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [5073376 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3183440 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [91776 2018-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35512 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [174712 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [224008 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [169408 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [59368 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [211088 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41200 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [136752 2019-11-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95168 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73312 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [691528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [394856 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [176760 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277408 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 camera; C:\WINDOWS\system32\DRIVERS\iacamera32.sys [697360 2015-07-09] (WDKTestCert viedifw,130729818588344082 -> Intel(R) Corporation)
S3 DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [88584 2015-06-23] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R3 DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [55816 2015-06-23] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [59392 2015-06-23] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [85000 2015-06-23] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [203264 2015-06-23] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R3 DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [467968 2015-06-23] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [129248 2019-01-23] (Malwarebytes Corporation -> Malwarebytes)
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [34176 2015-06-10] (WDKTestCert sys_dpebuild,130676845367974970 -> Intel Corporation)
R3 GpioVirtual; C:\WINDOWS\System32\drivers\iaiogpiovirtual.sys [27496 2015-06-10] (WDKTestCert sys_dpebuild,130676845367974970 -> Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [57360 2015-06-18] (WDKTestCert sys_dpebuild,130676858587893502 -> Intel Corporation)
R3 iaiouart; C:\WINDOWS\System32\drivers\iaiouart.sys [98560 2015-06-10] (WDKTestCert sys_dpebuild,130676858587893502 -> Intel Corporation)
S3 intaud_WaveExtensible; C:\WINDOWS\system32\drivers\intelaud.sys [44016 2015-12-01] (Intel(R) Wireless Display -> Intel Corporation)
R3 IntelBatteryManagement; C:\WINDOWS\System32\drivers\IntelBatteryManagement.sys [47104 2015-07-01] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 IntelSST; C:\WINDOWS\system32\drivers\isstrtc.sys [277264 2015-11-11] (WDKTestCert sys_dpebuild,130676845285008007 -> Intel(R) Corporation)
R3 iwdbus; C:\WINDOWS\System32\drivers\iwdbus.sys [35320 2015-12-01] (Intel(R) Wireless Display -> Intel Corporation)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [106144 2018-12-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [63760 2018-12-10] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [230120 2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [93416 2018-12-12] (Malwarebytes Corporation -> Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [33792 2015-06-16] (Intel(R) Baytrail Wintablet -> Intel Corporation)
R3 PMIC; C:\WINDOWS\System32\drivers\PMIC.sys [77424 2015-06-16] (WDKTestCert sys_dpebuild,130674149657513416 -> Intel Corporation)
R3 rtii2sac; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [208624 2015-06-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 RtkUart; C:\WINDOWS\System32\drivers\RtkUart.sys [557312 2015-07-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R3 RtlWlans; C:\WINDOWS\System32\drivers\rtwlans.sys [6555136 2018-04-11] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [1943808 2016-10-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [123968 2016-05-25] (Power Software Limited -> Power Software Ltd)
R3 TXEI; C:\WINDOWS\System32\drivers\TXEI.sys [84520 2015-05-27] (Intel Corporation - Client Components Group -> Intel Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\drivers\urssynopsys.sys [21920 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [45056 2016-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38488 2018-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [266424 2018-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [47800 2018-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2099-06-07 14:05 - 4950-06-07 14:05 - 000178688 ____N (Microsoft Corporation) C:\WINDOWS\yLAe.exe
2099-06-07 14:05 - 4950-06-07 14:05 - 000060416 ____N (Microsoft Corporation) C:\Program Files\Common Files\eejei.exe
2099-06-07 14:05 - 4950-06-07 14:05 - 000060416 ____C (Microsoft Corporation) C:\Users\Kateřina\AppData\Local\ddfckuKVYuTeA.exe
2020-02-02 18:40 - 2020-02-02 18:42 - 000026733 ____C C:\Users\Kateřina\Desktop\FRST.txt
2020-02-02 18:38 - 2020-02-02 18:38 - 002008064 ____C (Farbar) C:\Users\Kateřina\Desktop\FRST.exe
2020-01-30 19:40 - 2020-01-30 19:40 - 000000000 ___HD C:\$GetCurrent
2020-01-09 18:36 - 2020-01-09 18:36 - 000602293 ____C C:\Users\Kateřina\Documents\Prohlášení poplatníka interaktivní formulář_new.pdf
2020-01-09 18:25 - 2020-01-09 18:25 - 000600766 ____C C:\Users\Kateřina\Desktop\Prohlášení poplatníka interaktivní formulář_KCV.pdf
2020-01-09 18:23 - 2020-01-09 18:23 - 000371216 ____C C:\Users\Kateřina\Desktop\Prohlášení poplatníka interaktivní formulář.pdf
2020-01-09 17:54 - 2020-01-09 17:54 - 000596818 ____C C:\Users\Kateřina\Desktop\Prohlášení_poplatníka_2018_interaktivní_formulář_prázdný_02.01.2019.pdf
2020-01-09 16:23 - 2020-01-09 16:23 - 001573393 ____C C:\Users\Kateřina\Desktop\KCV.zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-02-02 18:43 - 2018-08-01 12:54 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3793012919-2705438960-3369879477-1004
2020-02-02 18:43 - 2018-08-01 12:54 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-02-02 18:43 - 2018-08-01 12:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-02-02 18:41 - 2018-11-26 17:56 - 000000000 ____D C:\FRST
2020-02-02 18:40 - 2018-04-11 21:31 - 000000000 ____D C:\WINDOWS\INF
2020-02-02 18:29 - 2018-04-11 21:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-02 18:28 - 2018-08-01 12:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-02 16:23 - 2018-12-12 17:58 - 000000000 ___DC C:\Users\Kateřina\Desktop\SKŘIVÁNEK
2020-02-02 16:10 - 2019-08-27 09:52 - 000000000 ____D C:\WINDOWS\Panther
2020-02-02 16:07 - 2018-08-01 12:15 - 000002381 ____C C:\Users\Kateřina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-02-02 16:07 - 2016-10-13 16:40 - 000000000 ___RD C:\Users\Kateřina\OneDrive
2020-02-02 16:01 - 2016-10-13 16:37 - 000000000 __SHD C:\Users\Kateřina\IntelGraphicsProfiles
2020-01-31 16:54 - 2018-08-01 12:15 - 000000000 ____D C:\Users\Kateřina
2020-01-31 13:33 - 2018-08-01 12:36 - 002322486 _____ C:\WINDOWS\system32\perfh005.dat
2020-01-31 13:33 - 2018-08-01 12:36 - 000664618 _____ C:\WINDOWS\system32\perfc005.dat
2020-01-31 13:33 - 2018-08-01 12:30 - 000005680 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-01-31 13:33 - 2017-10-22 17:48 - 001104638 _____ C:\WINDOWS\system32\perfh01B.dat
2020-01-31 13:33 - 2017-10-22 17:48 - 000931338 _____ C:\WINDOWS\system32\perfc01B.dat
2020-01-31 13:29 - 2019-12-13 15:12 - 000230120 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-01-31 13:28 - 2018-08-01 12:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-31 10:59 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-30 19:52 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-30 19:38 - 2019-08-21 10:06 - 000000000 ____D C:\Windows10Upgrade
2020-01-30 19:38 - 2018-01-23 14:41 - 000000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2020-01-30 19:38 - 2018-01-23 14:41 - 000000802 ____C C:\Users\Kateřina\Desktop\Pomocník s aktualizací Windows 10.lnk
2020-01-28 13:51 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-27 16:33 - 2018-04-11 21:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-27 16:29 - 2015-11-29 12:20 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-27 16:27 - 2018-12-17 18:42 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-23 13:23 - 2019-03-19 09:04 - 000000000 ___HD C:\$WINDOWS.~BT
2020-01-22 14:02 - 2018-08-01 13:10 - 000000000 ___DC C:\Users\Kateřina\AppData\Local\PlaceholderTileLogoFolder
2020-01-22 14:02 - 2018-01-26 12:17 - 000000000 ___DC C:\Users\Kateřina\AppData\Local\Packages
2020-01-15 16:33 - 2016-10-14 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:29 - 2016-10-14 22:19 - 117005720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-09 16:29 - 2016-10-28 22:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-03 12:52 - 2019-12-06 10:23 - 000000000 ____D C:\Program Files\CUAssistant
==================== Files in the root of some directories ========
2018-11-26 15:44 - 2018-11-26 15:44 - 000008666 _____ () C:\Program Files\TNVVPFINSS-DECRYPT.txt
4950-06-07 14:05 - 4950-06-07 14:05 - 000060416 ____N (Microsoft Corporation) C:\Program Files\Common Files\eejei.exe
2018-11-26 15:45 - 2018-11-26 15:45 - 000008666 ____C () C:\Users\Kateřina\AppData\Roaming\TNVVPFINSS-DECRYPT.txt
2018-11-26 15:46 - 2018-11-26 15:46 - 000008666 ____C () C:\Users\Kateřina\AppData\Roaming\Microsoft\TNVVPFINSS-DECRYPT.txt
4950-06-07 14:05 - 4950-06-07 14:05 - 000060416 ____C (Microsoft Corporation) C:\Users\Kateřina\AppData\Local\ddfckuKVYuTeA.exe
2018-11-07 22:22 - 2018-11-13 13:10 - 006161408 ____C () C:\Users\Kateřina\AppData\Local\dump007.dat
2018-11-26 15:38 - 2018-11-26 15:38 - 000140800 ____C () C:\Users\Kateřina\AppData\Local\installer.dat
2018-10-09 16:24 - 2018-10-09 16:24 - 000000003 ____C () C:\Users\Kateřina\AppData\Local\wbem.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-02-2020 02
Ran by Kateřina (02-02-2020 18:43:59)
Running from C:\Users\Kateřina\Desktop
Microsoft Windows 10 Home Version 1803 17134.885 (X86) (2018-08-01 11:55:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3793012919-2705438960-3369879477-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3793012919-2705438960-3369879477-503 - Limited - Disabled)
Guest (S-1-5-21-3793012919-2705438960-3369879477-501 - Limited - Disabled)
Kateřina (S-1-5-21-3793012919-2705438960-3369879477-1004 - Administrator - Enabled) => C:\Users\Kateřina
kcver (S-1-5-21-3793012919-2705438960-3369879477-1002 - Administrator - Enabled) => C:\Users\kcver
WDAGUtilityAccount (S-1-5-21-3793012919-2705438960-3369879477-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Advanced Uninstaller PRO - Version 12 (HKLM\...\AU11_is1) (Version: 12.24.0.100 - Innovative Solutions)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AX88772C_772B_772A_772 Windows 8.x Drivers (HKLM\...\{18B9948C-938D-4AED-9ED7-EADE3BD1876A}) (Version: 3.0.1.0 - ASIX Electronics Corporation) Hidden
AX88772C_772B_772A_772 Windows 8.x Drivers (HKLM\...\InstallShield_{18B9948C-938D-4AED-9ED7-EADE3BD1876A}) (Version: 3.0.1.0 - ASIX Electronics Corporation)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Epson Easy Photo Print 2 (HKLM\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Free YouTube Downloader 4.2.754 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
iTunes (HKLM\...\{BCE6D6D6-42B5-4ABF-A44F-8EDF41F862D2}) (Version: 12.9.2.6 - Apple Inc.)
Lenovo Keyboard Driver (HKLM\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: 1.0.15.0812 - 3NOD)
Lenovo EasyCamera (HKLM\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Solution Center (HKLM\...\{74C3EF3E-2A0D-470A-9EDC-884D5F85644F}) (Version: 3.0.003.00 - Lenovo)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
PowerISO (HKLM\...\PowerISO) (Version: 6.6 - Power Software Ltd)
REALTEK Bluetooth (HKLM\...\{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.102.50724 - REALTEK Semiconductor Corp.) Hidden
REALTEK Bluetooth (HKLM\...\InstallShield_{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.102.50724 - Realtek Semiconductor Corp.)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.224135 - TeamViewer)
UpdateAssistant (HKLM\...\{A8CB3AA1-4ED7-4E95-BA0A-3DC927739A0E}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Webshare uploader (HKLM\...\WebshareDLC) (Version: - Webshare)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Packages:
=========
8 Zip Lite - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.2.150.0_x86__b6e429xa66pga [2018-06-27] (Finebits OÜ) [MS Ad]
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x86__ynb6jyjzte8ga [2019-05-27] (Adobe Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-29] (king.com)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2018-07-30] (Instagram)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2020-01-22] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x86__8wekyb3d8bbwe [2018-02-15] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x86__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x86__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation) [MS Ad]
Photo Watermark - Add Watermark to Photos, Add Timestamps -> C:\Program Files\WindowsApps\12176PicturePerfectApps.PhotoWatermark-AddWatermar_1.1.4.0_x86__e40414p8savay [2019-01-21] (Picture Perfect Apps) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3793012919-2705438960-3369879477-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-11-29 13:05 - 2015-06-09 03:20 - 000045056 _____ () [File not signed] C:\Windows\3NOD\hidhook.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Kateřina\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 09:28 - 2019-01-04 09:07 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{686A5B0F-72AE-4887-BA1C-7C5538C8EE2E}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{CE4E4021-A8EF-4D73-8D6D-0EDEF241C821}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{9797F135-393E-49F2-8549-E8A23C9BCB19}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{4506DF19-34C4-467F-A305-81241F34E03A}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{B2FB42EF-2792-41CE-BD13-CDAA2FC378AD}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{DC6EC7A9-76AA-4DE7-B37A-99D8BEADE131}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{CFEE2A02-79F0-460A-8D4A-B066C0CBFA58}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{C764E5CB-BE9B-4773-B4EC-0E7F1FA35F36}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{C5E3EA69-45DA-4F21-A67C-8456ED7BB907}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{572802B3-417F-4E13-9657-9CA79E80BFF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{979F9B6C-558F-46EE-AE0F-5463053A2D36}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A714F5E9-EE96-446D-AC7C-86590FA12403}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E205A33B-2E3C-403B-8389-D5CE2D53C1EE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93E1560C-848B-4C14-AAB3-8500AECAAE00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF666A0C-FCBB-4354-AF19-ACD86FC71623}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{79BB3168-0940-4AF9-952E-24AAB607905A}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D7247124-9FA0-46AC-B243-13F98BA40EA5}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6704B659-10E2-4E72-B184-60677C1C27A4}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:56.99 GB) (Free:3.23 GB) (6%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/02/2020 06:38:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 06:38:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:34:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:34:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:34:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-LMBQQVTN)
Description: httphttp-2147467263
Error: (02/02/2020 04:24:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:24:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:09:34 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (02/02/2020 06:42:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 11krát.
Error: (02/02/2020 06:40:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 10krát.
Error: (02/02/2020 06:38:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 9krát.
Error: (02/02/2020 04:59:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 8krát.
Error: (02/02/2020 04:58:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/02/2020 04:58:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 7krát.
Error: (02/02/2020 04:34:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 6krát.
Error: (02/02/2020 04:33:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 5krát.
Windows Defender:
===================================
Date: 2018-12-11 14:56:04.306
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Unwaders.C!ml
ID: 242874
Závažnost: Závažná
Kategorie: Potenciálne nežiaduci softvér
Cesta: file:_C:\Users\Kateřina\Favorites\Res.Center.ponse\072344\urlmon.7z; file:_C:\Users\Kateřina\Favorites\Res.Center.ponse\352334\urlmon.7z; file:_C:\Users\Kateřina\Favorites\Res.Center.ponse\502221\urlmon.7z
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:14.922
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:14.580
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:14.035
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:13.615
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-09 15:07:25.037
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.132.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240016
Popis chyby :Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
CodeIntegrity:
===================================
Date: 2020-02-02 16:01:49.784
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-29 19:09:08.550
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-29 14:17:46.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-29 13:49:08.718
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-28 15:02:38.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-27 16:24:12.214
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-26 15:21:07.605
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-22 13:38:37.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E2CN15WW 09/12/2018
Motherboard: LENOVO Aristotle 11.6
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 90%
Total physical RAM: 1977.13 MB
Available physical RAM: 194.34 MB
Total Virtual: 5518.38 MB
Available Virtual: 599.57 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:56.99 GB) (Free:3.24 GB) NTFS
\\?\Volume{9c76ee76-6bb3-4f5a-993b-b448b6702264}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{e1359a58-b0db-4cbb-9fd5-0160589ee3ed}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 049CE56E)
Partition: GPT.
==================== End of Addition.txt =======================
2020-01-31 10:59 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-30 19:52 - 2018-04-11 21:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-30 19:38 - 2019-08-21 10:06 - 000000000 ____D C:\Windows10Upgrade
2020-01-30 19:38 - 2018-01-23 14:41 - 000000814 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pomocník s aktualizací Windows 10.lnk
2020-01-30 19:38 - 2018-01-23 14:41 - 000000802 ____C C:\Users\Kateřina\Desktop\Pomocník s aktualizací Windows 10.lnk
2020-01-28 13:51 - 2018-04-11 21:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-01-27 16:33 - 2018-04-11 21:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-01-27 16:29 - 2015-11-29 12:20 - 000000000 ____D C:\Program Files\Microsoft Office
2020-01-27 16:27 - 2018-12-17 18:42 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-01-23 13:23 - 2019-03-19 09:04 - 000000000 ___HD C:\$WINDOWS.~BT
2020-01-22 14:02 - 2018-08-01 13:10 - 000000000 ___DC C:\Users\Kateřina\AppData\Local\PlaceholderTileLogoFolder
2020-01-22 14:02 - 2018-01-26 12:17 - 000000000 ___DC C:\Users\Kateřina\AppData\Local\Packages
2020-01-15 16:33 - 2016-10-14 22:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-01-15 16:29 - 2016-10-14 22:19 - 117005720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-01-09 16:29 - 2016-10-28 22:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-01-03 12:52 - 2019-12-06 10:23 - 000000000 ____D C:\Program Files\CUAssistant
==================== Files in the root of some directories ========
2018-11-26 15:44 - 2018-11-26 15:44 - 000008666 _____ () C:\Program Files\TNVVPFINSS-DECRYPT.txt
4950-06-07 14:05 - 4950-06-07 14:05 - 000060416 ____N (Microsoft Corporation) C:\Program Files\Common Files\eejei.exe
2018-11-26 15:45 - 2018-11-26 15:45 - 000008666 ____C () C:\Users\Kateřina\AppData\Roaming\TNVVPFINSS-DECRYPT.txt
2018-11-26 15:46 - 2018-11-26 15:46 - 000008666 ____C () C:\Users\Kateřina\AppData\Roaming\Microsoft\TNVVPFINSS-DECRYPT.txt
4950-06-07 14:05 - 4950-06-07 14:05 - 000060416 ____C (Microsoft Corporation) C:\Users\Kateřina\AppData\Local\ddfckuKVYuTeA.exe
2018-11-07 22:22 - 2018-11-13 13:10 - 006161408 ____C () C:\Users\Kateřina\AppData\Local\dump007.dat
2018-11-26 15:38 - 2018-11-26 15:38 - 000140800 ____C () C:\Users\Kateřina\AppData\Local\installer.dat
2018-10-09 16:24 - 2018-10-09 16:24 - 000000003 ____C () C:\Users\Kateřina\AppData\Local\wbem.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-02-2020 02
Ran by Kateřina (02-02-2020 18:43:59)
Running from C:\Users\Kateřina\Desktop
Microsoft Windows 10 Home Version 1803 17134.885 (X86) (2018-08-01 11:55:39)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3793012919-2705438960-3369879477-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3793012919-2705438960-3369879477-503 - Limited - Disabled)
Guest (S-1-5-21-3793012919-2705438960-3369879477-501 - Limited - Disabled)
Kateřina (S-1-5-21-3793012919-2705438960-3369879477-1004 - Administrator - Enabled) => C:\Users\Kateřina
kcver (S-1-5-21-3793012919-2705438960-3369879477-1002 - Administrator - Enabled) => C:\Users\kcver
WDAGUtilityAccount (S-1-5-21-3793012919-2705438960-3369879477-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Advanced Uninstaller PRO - Version 12 (HKLM\...\AU11_is1) (Version: 12.24.0.100 - Innovative Solutions)
Apple Mobile Device Support (HKLM\...\{ABDE67C4-5876-4CDB-82A9-0CBACECC1C4A}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
AX88772C_772B_772A_772 Windows 8.x Drivers (HKLM\...\{18B9948C-938D-4AED-9ED7-EADE3BD1876A}) (Version: 3.0.1.0 - ASIX Electronics Corporation) Hidden
AX88772C_772B_772A_772 Windows 8.x Drivers (HKLM\...\InstallShield_{18B9948C-938D-4AED-9ED7-EADE3BD1876A}) (Version: 3.0.1.0 - ASIX Electronics Corporation)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.51 - Piriform)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: - Softland)
Epson Easy Photo Print 2 (HKLM\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Free YouTube Downloader 4.2.754 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)
GOM Player (HKLM\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
iTunes (HKLM\...\{BCE6D6D6-42B5-4ABF-A44F-8EDF41F862D2}) (Version: 12.9.2.6 - Apple Inc.)
Lenovo Keyboard Driver (HKLM\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: 1.0.15.0812 - 3NOD)
Lenovo EasyCamera (HKLM\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo Solution Center (HKLM\...\{74C3EF3E-2A0D-470A-9EDC-884D5F85644F}) (Version: 3.0.003.00 - Lenovo)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12325.20344 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\...\OneDriveSetup.exe) (Version: 19.232.1124.0005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 CSY (HKLM\...\{E8BEDB28-151D-465C-9BE0-F6EB930A629C}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Network Stumbler 0.4.0 (remove only) (HKLM\...\Network Stumbler) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12325.20344 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
PowerISO (HKLM\...\PowerISO) (Version: 6.6 - Power Software Ltd)
REALTEK Bluetooth (HKLM\...\{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.102.50724 - REALTEK Semiconductor Corp.) Hidden
REALTEK Bluetooth (HKLM\...\InstallShield_{192979A0-37F4-4703-B1BB-62052142CE44}) (Version: 1.0.102.50724 - Realtek Semiconductor Corp.)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.224135 - TeamViewer)
UpdateAssistant (HKLM\...\{A8CB3AA1-4ED7-4E95-BA0A-3DC927739A0E}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Webshare uploader (HKLM\...\WebshareDLC) (Version: - Webshare)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Packages:
=========
8 Zip Lite - unpack RAR, ZIP, 7z for free -> C:\Program Files\WindowsApps\BooStudioLLC.8ZipLite_1.2.150.0_x86__b6e429xa66pga [2018-06-27] (Finebits OÜ) [MS Ad]
Adobe Photoshop Express: Editor obrazů, úpravy, filtry, efekty, okraje -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.0.316.0_x86__ynb6jyjzte8ga [2019-05-27] (Adobe Inc.)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.156.300.0_x86__kgqvnymyfvs32 [2020-01-29] (king.com)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_41.1788.50991.0_x86__8xx8rvfyw5nnt [2018-07-30] (Instagram)
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_196.2292.59195.0_x86__8xx8rvfyw5nnt [2020-01-22] (Facebook Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x86__8wekyb3d8bbwe [2018-02-15] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x86__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x86__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.20074.0_x86__8wekyb3d8bbwe [2020-01-20] (Microsoft Corporation) [MS Ad]
Photo Watermark - Add Watermark to Photos, Add Timestamps -> C:\Program Files\WindowsApps\12176PicturePerfectApps.PhotoWatermark-AddWatermar_1.1.4.0_x86__e40414p8savay [2019-01-21] (Picture Perfect Apps) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-10] (Twitter Inc.)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2017-04-25] (LENOVO INCORPORATED.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3793012919-2705438960-3369879477-1004_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-05-25] (Power Software Limited -> Power Software Ltd)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2015-11-29 13:05 - 2015-06-09 03:20 - 000045056 _____ () [File not signed] C:\Windows\3NOD\hidhook.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-01-23 20:52 - 2019-01-23 20:51 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2018-11-27 13:25 - 2019-01-23 20:51 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Kateřina\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 09:28 - 2019-01-04 09:07 - 000000825 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3793012919-2705438960-3369879477-1004\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{686A5B0F-72AE-4887-BA1C-7C5538C8EE2E}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{CE4E4021-A8EF-4D73-8D6D-0EDEF241C821}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{9797F135-393E-49F2-8549-E8A23C9BCB19}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{4506DF19-34C4-467F-A305-81241F34E03A}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{B2FB42EF-2792-41CE-BD13-CDAA2FC378AD}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{DC6EC7A9-76AA-4DE7-B37A-99D8BEADE131}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{CFEE2A02-79F0-460A-8D4A-B066C0CBFA58}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{C764E5CB-BE9B-4773-B4EC-0E7F1FA35F36}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{C5E3EA69-45DA-4F21-A67C-8456ED7BB907}] => (Allow) C:\WINDOWS\system32\InstallShield\x32\setup.exe (Ghisler Software GmbH -> )
FirewallRules: [{572802B3-417F-4E13-9657-9CA79E80BFF0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{979F9B6C-558F-46EE-AE0F-5463053A2D36}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{A714F5E9-EE96-446D-AC7C-86590FA12403}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E205A33B-2E3C-403B-8389-D5CE2D53C1EE}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{93E1560C-848B-4C14-AAB3-8500AECAAE00}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BF666A0C-FCBB-4354-AF19-ACD86FC71623}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{79BB3168-0940-4AF9-952E-24AAB607905A}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D7247124-9FA0-46AC-B243-13F98BA40EA5}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6704B659-10E2-4E72-B184-60677C1C27A4}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:56.99 GB) (Free:3.23 GB) (6%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (02/02/2020 06:38:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 06:38:27 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:34:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:34:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:34:17 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-LMBQQVTN)
Description: httphttp-2147467263
Error: (02/02/2020 04:24:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:24:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Epson Software\Easy Photo Print\EPQuicker.exe se nezdařilo.
Závislé sestavení Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.
Error: (02/02/2020 04:09:34 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (02/02/2020 06:42:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 11krát.
Error: (02/02/2020 06:40:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 10krát.
Error: (02/02/2020 06:38:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 9krát.
Error: (02/02/2020 04:59:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 8krát.
Error: (02/02/2020 04:58:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (02/02/2020 04:58:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 7krát.
Error: (02/02/2020 04:34:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 6krát.
Error: (02/02/2020 04:33:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_9b672c byla neočekávaně ukončena. Tento stav nastal již 5krát.
Windows Defender:
===================================
Date: 2018-12-11 14:56:04.306
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Unwaders.C!ml
ID: 242874
Závažnost: Závažná
Kategorie: Potenciálne nežiaduci softvér
Cesta: file:_C:\Users\Kateřina\Favorites\Res.Center.ponse\072344\urlmon.7z; file:_C:\Users\Kateřina\Favorites\Res.Center.ponse\352334\urlmon.7z; file:_C:\Users\Kateřina\Favorites\Res.Center.ponse\502221\urlmon.7z
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:14.922
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:14.580
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:14.035
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-11 11:25:13.615
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Dexphot.A
ID: 2147730490
Závažnost: Závažná
Kategorie: Trójsky kôň
Cesta: file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\062124\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071214\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\071404\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\072314\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\081554\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\121934\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\401741\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Doctor Web.Sign\431134\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\022127\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061334\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061714\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\061904\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\062054\MSE.Engine.dll; file:_C:\Users\Kateřina\Favorites\Extended.Web\071524\MSE.Engine.dll; file:_C:\Users\Kate
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-LMBQQVTN\Kateřina
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.283.303.0, AS: 1.283.303.0, NIS: 1.283.303.0
Verze modulu: AM: 1.1.15500.2, NIS: 1.1.15500.2
Date: 2018-12-09 15:07:25.037
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.283.132.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15500.2
Kód chyby: 0x80240016
Popis chyby :Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.
CodeIntegrity:
===================================
Date: 2020-02-02 16:01:49.784
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-29 19:09:08.550
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-29 14:17:46.190
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-29 13:49:08.718
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-28 15:02:38.301
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-27 16:24:12.214
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-26 15:21:07.605
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
Date: 2020-01-22 13:38:37.603
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO E2CN15WW 09/12/2018
Motherboard: LENOVO Aristotle 11.6
Processor: Intel(R) Atom(TM) CPU Z3735F @ 1.33GHz
Percentage of memory in use: 90%
Total physical RAM: 1977.13 MB
Available physical RAM: 194.34 MB
Total Virtual: 5518.38 MB
Available Virtual: 599.57 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:56.99 GB) (Free:3.24 GB) NTFS
\\?\Volume{9c76ee76-6bb3-4f5a-993b-b448b6702264}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{e1359a58-b0db-4cbb-9fd5-0160589ee3ed}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.21 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 58.2 GB) (Disk ID: 049CE56E)
Partition: GPT.
==================== End of Addition.txt =======================