Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2019
Ran by Filip (13-11-2019 14:36:10)
Running from C:\Users\Filip\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-22 13:52:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3054716200-2897486703-4280449553-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3054716200-2897486703-4280449553-503 - Limited - Disabled)
Filip (S-1-5-21-3054716200-2897486703-4280449553-1001 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-3054716200-2897486703-4280449553-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3054716200-2897486703-4280449553-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.1.1829.91 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.0.690 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.690 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit Keys (HKLM\...\{69D1C50E-6E4D-416D-A632-875EB3C5EF8A}) (Version: 18.1.690 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - BR (HKLM-x32\...\{1E6087A4-1715-4B43-9090-A3B1EFD55EF8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Capture (HKLM-x32\...\{32398CCC-C644-487E-B22B-58AE0BE0C7AE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Common (HKLM-x32\...\{796CC87C-5679-49D6-9054-FC56B9232A9A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Connect (HKLM-x32\...\{4454CFA8-C64D-4E4A-A085-18B16E0B8BB9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Custom Data (HKLM-x32\...\{9D72E2C7-CD9C-455C-A0DB-B4D3F7B5B9B1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - CZ (HKLM-x32\...\{FD293F31-2661-4721-BF74-6375EA0CC693}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - DrawHome (HKLM-x32\...\{D1444571-9830-4967-A029-903551A49894}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - EN (HKLM-x32\...\{14F44A6C-3096-4C3F-9039-20741B443EC9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - ES (HKLM-x32\...\{448BF8BB-3961-4A6F-80E3-B65B218DFC47}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Filters (HKLM-x32\...\{289F11C5-B482-42B6-8CA8-FF7502E34A52}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - FR (HKLM-x32\...\{A850C65E-8029-4BBD-9DF8-2A178C51C4EB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM (HKLM-x32\...\{C4DF8B81-6925-4D29-8204-933667E127B4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM Content (HKLM-x32\...\{0EC6F0EB-64A9-4A69-B8A2-7CB0779CA7A0}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IT (HKLM-x32\...\{C64347EA-C44C-4A4D-81BC-19EBDD6E8743}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - NL (HKLM-x32\...\{42FCF1AB-3A84-4AAE-9B0D-8550A803F8F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PL (HKLM-x32\...\{490919E0-2440-4362-BA75-D6350F7A1AEF}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PPHome (HKLM-x32\...\{04BBF42B-CCEC-44C6-8DE1-9B3F3ECB6181}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Redist (HKLM-x32\...\{F6B3E5CE-2DCD-4663-9A21-B00872AE17D9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - RU (HKLM-x32\...\{A1F3007B-B716-40C4-9F3C-C81A77926EDE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Setup Files (HKLM-x32\...\{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VBA (HKLM-x32\...\{6268A84D-604F-4085-ADB1-634FCE8BA965}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VideoBrowser (HKLM-x32\...\{A5E75F35-0DFB-4F1F-BB1E-C8B2B2F3B4BA}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Writing Tools (HKLM-x32\...\{7135E09C-980F-4373-B211-04B05C996113}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\_{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1.0.690 - Corel Corporation)
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\{05718EEC-DE09-454E-9D62-3152254742F1}) (Version: 18.1 - Corel Corporation) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.11.552 - Your Company Name) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.18 - Lenovo)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.92 - McAfee, LLC.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation)
OKI Alert Info (HKLM-x32\...\{9427081E-AC7E-49D4-964F-E2E27C7175BF}) (Version: 1.3.3 - Okidata)
OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: 2.17.2 - Okidata)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI Configuration Tool (HKLM-x32\...\{0F55DD09-15EC-4F5D-B517-94852884AEF5}) (Version: 1.6.11 - Okidata)
OKI Device Setting (HKLM-x32\...\{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}) (Version: 1.6.11 - Okidata)
OKI LPR Utility (HKLM-x32\...\{465914BD-324C-4442-A9F6-E9347AB38EB8}) (Version: 5.1.0 - Okidata)
OKI Network Setting (HKLM-x32\...\{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}) (Version: 1.0.5 - Okidata)
OKI PDF Print Direct (HKLM-x32\...\{2CA86624-3491-4B2D-B64E-01D2D25AA732}) (Version: 3.4.8 - Okidata)
OKI Storage Manager (HKLM-x32\...\{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}) (Version: 1.0.8 - Okidata)
OKI User Setting (HKLM-x32\...\{C8244493-32A4-4275-8145-D16FFE1D8E36}) (Version: 1.4.7 - Okidata)
PDF24 Creator 9.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFsam Enhanced (HKLM-x32\...\PDFsam Enhanced) (Version: 3.0.31.29080 - Copyright 2016 Andrea Vacondio)
PDFsam Enhanced Asian Fonts Pack (HKLM\...\{817881FA-BD07-4A50-8F77-DA9AA6009093}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Convert Module (HKLM\...\{C3946663-4609-4158-A3AD-B9BFB16496F1}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Create Module (HKLM\...\{F790A93F-B881-4316-BDB4-D02783850695}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Edit Module (HKLM\...\{C584AD88-AFC9-4030-B391-49C0D04F6F1A}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Forms Module (HKLM\...\{3CAC256B-9C84-44F4-AC26-50B07FEA56B6}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Insert Module (HKLM\...\{A06D8CE0-76AA-4968-AC8B-221BE5128646}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced OCR Module (HKLM\...\{B83B283F-87BB-4C61-8F50-E45EDD0C7C8C}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Review Module (HKLM\...\{35AF9861-0E3C-4C81-AFCC-73461EBC00B7}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Secure Module (HKLM\...\{3B633A35-AE66-4AC3-B4A1-D2ED2594D368}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced View Module (HKLM\...\{972049F9-650B-4430-82ED-6080470D27BA}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\PhotoFiltre 7) (Version: - )
SMPlayer 19.1.0 (HKLM-x32\...\SMPlayer) (Version: 19.1.0 - Ricardo Villalba)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Your Software Deals 1.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) <==== ATTENTION
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.23.7.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1630.7.0_x86__kgqvnymyfvs32 [2019-11-06] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_6.0.0.3_x86__m9bz608c1b9ra [2019-10-09] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-15] (Fitbit)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.1910.16.0_x64__k1h2ywk1493x8 [2019-11-02] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4 [2019-08-03] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-13] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.9516.0_x86__m916jedk64snt [2019-03-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.1.9528.0_x86__m916jedk64snt [2019-03-13] (CYBERLINKCOM CORPORATION)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDF Print Direct] -> {C15F7681-33D8-11D3-A09B-00500402F30B} => C:\Windows\System32\OkDrtPrn.dll [2012-05-28] (Oki Data Corporation) [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced_ManagerExt] -> {9ADBE344-48D8-4317-8CD7-13DA9095B33B} => C:\Program Files\PDFsam Enhanced\creator-context-menu.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxDTCM.dll [2019-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro
==================== Loaded Modules (Whitelisted) =============
2019-10-12 11:00 - 2019-10-12 11:00 - 000369152 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\b941fa3940bc5ba9ea54021b48194366\Interop.CxHDAudioAPILib.ni.dll
2019-10-12 11:00 - 2019-10-12 11:00 - 000018944 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\14be78a633c55eb6181fab1dbe684d20\Interop.CxUtilSvcLib.ni.dll
2015-09-02 23:24 - 2015-09-02 23:24 - 000119822 _____ () [File not signed] C:\Program Files (x86)\SMPlayer\libgcc_s_dw2-1.dll
2015-09-02 23:24 - 2015-09-02 23:24 - 001031694 _____ () [File not signed] C:\Program Files (x86)\SMPlayer\libstdc++-6.dll
2019-01-29 20:07 - 2019-01-29 20:07 - 000113678 _____ () [File not signed] C:\Program Files (x86)\SMPlayer\zlib1.dll
2019-09-03 15:12 - 2019-05-28 14:06 - 001021440 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2019-09-22 14:58 - 2017-07-05 19:36 - 001168384 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2019-09-22 15:42 - 2019-09-22 15:42 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL
2015-09-02 23:24 - 2015-09-02 23:24 - 000081408 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\SMPlayer\libwinpthread-1.dll
2011-08-23 14:33 - 2011-08-23 14:33 - 000163840 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\NCRes.dll
2010-01-22 16:22 - 2010-01-22 16:22 - 000032768 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\OPCOMAPI.dll
2011-08-19 12:15 - 2011-08-19 12:15 - 000188416 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\Scanner Assist.dll
2019-10-19 11:18 - 2010-04-21 13:04 - 000167424 ____N (Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\opnetdsc.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) [File not signed] C:\Windows\System32\OkDrtPrn.dll
2011-10-19 08:02 - 2011-10-19 08:02 - 000068096 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\system32\okis2nka64.dll
2019-10-19 11:18 - 2011-04-12 17:05 - 000029696 ____N (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\oklprmon.dll
2019-10-19 11:18 - 2012-11-21 17:59 - 000033280 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\SYSTEM32\oklprrsc.dll
2011-10-19 08:02 - 2011-10-19 08:02 - 000165376 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\system32\oksclnka64.dll
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\OPXMN075.DLL
2019-09-18 20:04 - 2019-06-08 15:48 - 001257472 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
2016-04-19 02:26 - 2016-04-19 02:26 - 000033792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\imageformats\qgif.dll
2016-04-19 02:26 - 2016-04-19 02:26 - 000251392 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\imageformats\qjpeg.dll
2016-04-19 02:28 - 2016-04-19 02:28 - 001468928 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\platforms\qwindows.dll
2017-02-14 11:38 - 2017-02-14 11:38 - 005387264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\Qt5Core.dll
2016-04-19 02:13 - 2016-04-19 02:13 - 005610496 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\Qt5Gui.dll
2016-04-19 02:06 - 2016-04-19 02:06 - 001551872 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\Qt5Network.dll
2016-04-19 05:43 - 2016-04-19 05:43 - 002340864 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\Qt5Script.dll
2016-04-19 02:21 - 2016-04-19 02:21 - 006518784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\Qt5Widgets.dll
2016-04-19 02:03 - 2016-04-19 02:03 - 000226816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\SMPlayer\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2019-05-31 19:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Filip\Desktop\chomutov_1920x1080.jpg
DNS Servers: 89.111.65.4 - 89.111.65.68
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A7806D7F-F3E2-4234-9746-7E0F5E925AB1}] => (Allow) LPort=1900
FirewallRules: [{7ABAD88C-C188-4E1B-ABD9-38486F908D26}] => (Allow) LPort=2869
FirewallRules: [{08B88E32-3124-418B-A0BD-209A3E0EC850}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D340C275-19CC-4A62-8886-9553AA2A48F6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\PPHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{2836F156-0C18-4A64-9297-5B438B1ACFE6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\DrawHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{469AFB81-9EFD-49E6-A1A2-A7FC9E37EFA8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe (Oki Data Corporation -> Oki Data Corproation)
FirewallRules: [UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe (Oki Data Corporation -> Oki Data Corproation)
FirewallRules: [{B6183BC5-DA39-48EB-86C0-848EB1F7C1B6}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{9BC32188-C56A-4B45-A07E-413C5B1277EB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{69E90987-AFCA-49C8-9F64-C57ED62E8630}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B8015F6-7AB0-4191-A7E6-4A5EF3FB4187}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:76.44 GB) (65%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/13/2019 02:15:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (19580,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/13/2019 04:25:35 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12116,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/13/2019 03:57:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (21752,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/13/2019 03:46:21 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27888; požadovaná velikost: 39480.
Error: (11/12/2019 11:29:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9548,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/12/2019 10:52:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (17624,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/12/2019 10:26:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14896,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/11/2019 09:16:12 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (22456,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
System errors:
=============
Error: (11/13/2019 02:10:39 PM) (Source: DCOM) (EventID: 10000) (User: LAPTOP-KRDM9FQ3)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (11/13/2019 03:45:39 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (11/10/2019 11:39:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-KRDM9FQ3)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/10/2019 11:37:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-KRDM9FQ3)
Description: Server {D18705BE-FC2F-44C8-AEFF-1CD49AEA8FC1} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/10/2019 11:35:55 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-KRDM9FQ3)
Description: Server {F53321FA-34F8-4B7F-B9A3-361877CB94CF} se v daném časovém limitu neregistroval u služby DCOM.
Error: (11/03/2019 08:39:40 AM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (11/02/2019 06:49:36 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-KRDM9FQ3)
Description: Nelze spustit server DCOM: {355822FC-86F1-4BE8-B5F0-A33736789641} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\SysWOW64\prevhost.exe" {355822FC-86F1-4BE8-B5F0-A33736789641} -Embedding
Error: (11/02/2019 06:49:36 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-KRDM9FQ3)
Description: Nelze spustit server DCOM: {355822FC-86F1-4BE8-B5F0-A33736789641} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958016
při provádění příkazu:
"C:\WINDOWS\SysWOW64\prevhost.exe" {355822FC-86F1-4BE8-B5F0-A33736789641} -Embedding
CodeIntegrity:
===================================
Date: 2019-11-13 14:05:20.709
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 14:05:20.694
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 14:05:20.666
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 14:05:20.644
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 14:05:20.586
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-12 15:04:37.431
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-12 15:04:37.422
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-12 15:04:37.410
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 6SCN42WW 05/02/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 74%
Total physical RAM: 7613.43 MB
Available physical RAM: 1947.9 MB
Total Virtual: 9142.2 MB
Available Virtual: 1949.21 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:76.44 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:87.41 GB) NTFS
Drive e: (OKI) (CDROM) (Total:2.34 GB) (Free:0 GB) CDFS
\\?\Volume{06ae05ca-f5ac-44c3-8fcb-05a3b728dc94}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.55 GB) NTFS
\\?\Volume{b1a6e7c9-a952-4104-9474-15cad919f268}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 28A5D9BC)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: F5425621)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-11-2019
Ran by Filip (administrator) on LAPTOP-KRDM9FQ3 (LENOVO 81AX) (13-11-2019 14:34:57)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApMsgFwd.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\Apoint.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApRemote.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\HidMonitorSvc.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_8f1fe4a9cfb9cf9c\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Oki Data Corporation -> ) C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
(Oki Data Corporation -> Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Ricardo Villalba) [File not signed] C:\Program Files (x86)\SMPlayer\smplayer.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [603992 2017-06-23] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation -> Oki Data Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-10-18] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [AvastBrowserAutoLaunch_A8AA2AE63066897F290B137CDE2B196A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\MountPoints2: {010aba4a-f35a-11e8-addb-806e6f6e6963} - "E:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1829.91\Installer\chrmstp.exe [2019-10-16] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OKI LPR Utility.lnk [2019-10-19]
ShortcutTarget: OKI LPR Utility.lnk -> C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe (Oki Data Corporation -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09149C52-BE43-44C9-A65D-8882192AA78E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {1CADE521-69D9-44FD-853F-04492EBAF892} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1E8C7B41-BA0A-40AF-8CF3-4CC1133DD9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {2419A6BB-A35B-4EA8-82FE-EE78C0C119DF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38df321b-e2e4-4f06-830c-5001b5321b88 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {29CCDAFF-B9DB-4C7D-981A-E4F2D0AD5E3D} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225216 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
Task: {360788D9-F450-4A62-989B-5371D9A1873A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {4688A714-0AF1-455E-9128-FF3E6AECC7D4} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {6A9FEDB5-678F-43A3-B672-AF7885229CCA} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {6BFDE857-3EAF-412A-B395-8CAE91379D37} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\38784a1e-b1e1-4d4e-a45d-6b7eb3189a4b => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {78CA8D6E-9C6A-4C20-8FE0-60C0B109F1A3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {811D2AD3-F440-4ABD-847B-31E803C53C6A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {8B19F368-A3DC-4F20-82CC-CAD48E5D3B0B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bafa84c1-d5d4-43d9-b29e-5d3103eab462 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {8E69A78A-DAD8-48B2-AE9C-A9994B26B2CC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9C5CD607-B9F2-4155-BF78-36300C53F75E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {A00765E5-4DDF-4252-8551-5C17D47D70F5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AAD76AC7-39A3-417C-821C-1CC9CA3F76F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB89E52B-0DA2-4521-94AF-DF1F1EFBDC15} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {CDC98D23-9C74-4099-B860-1B41B6FBFF17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {E1D1F9AE-E813-4C90-AD6B-FACBA30220BE} - System32\Tasks\RTFTrack => C:\WINDOWS\RTFTrack.exe [5462984 2018-02-06] (Realtek Semiconductor Corp. -> Realtek semiconductor)
Task: {E67323CC-28B6-4AF6-A6AA-66B559BE9AA1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {F38CA4F2-66C7-4E6B-8714-F7FA0134FB9E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE4A8614-57D4-47DE-9582-60D1D1D74C3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 89.111.65.4 89.111.65.68
Tcpip\..\Interfaces\{afd7acdf-4d55-4f72-a87c-54f2f81f77f2}: [DhcpNameServer] 172.168.137.2
Tcpip\..\Interfaces\{dd0745eb-901b-4387-bd5a-174c3f643650}: [DhcpNameServer] 89.111.65.4 89.111.65.68
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-08-23] (McAfee, LLC -> McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced Helper -> {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} -> C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-08-23] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM-x32 - PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-08-23]
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension
FF Extension: (PDFsam Enhanced Creator) - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2019-09-28] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2019-11-13]
CHR Extension: (Prezentace) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-18]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Tabulky) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_8f1fe4a9cfb9cf9c\aesm_service.exe [3418392 2019-04-09] (Intel(R) Software Development Products -> Intel Corporation)
R2 ApHidMonitorService; C:\WINDOWS\system32\Alps\GlidePoint\HidMonitorSvc.exe [345456 2018-06-13] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-10] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1829.91\elevation_service.exe [984920 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [173136 2019-02-14] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [905472 2019-08-23] (McAfee, LLC -> McAfee, Inc.)
R2 OpLclSrv; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [181760 2012-03-28] (Oki Data Corporation) [File not signed]
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-10-18] (Geek Software GmbH -> Geek Software GmbH)
S3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2322496 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidFiltr.sys [292768 2018-06-13] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094792 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [198208 2018-03-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8614464 2018-03-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010624 2017-12-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [421312 2017-12-19] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3236808 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-13 14:34 - 2019-11-13 14:35 - 000031929 ____C C:\Users\Filip\Desktop\FRST.txt
2019-11-13 14:34 - 2019-11-13 14:35 - 000000000 ____D C:\FRST
2019-11-13 14:17 - 2019-11-13 14:33 - 002260480 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2019-11-12 22:19 - 2019-11-12 22:19 - 000001168 _____ C:\Users\Public\Desktop\PDF24.lnk
2019-11-12 22:19 - 2019-11-12 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2019-11-12 22:19 - 2019-11-12 22:19 - 000000000 ____D C:\Program Files (x86)\PDF24
2019-10-30 15:39 - 2019-09-23 22:54 - 000206208 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000131448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000098176 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000044440 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2019-10-19 11:18 - 2012-11-21 17:59 - 000033280 _____ (Oki Data Corporation) C:\WINDOWS\system32\oklprrsc.dll
2019-10-19 11:18 - 2012-09-10 15:33 - 000582656 _____ (Oki Data Corporation) C:\WINDOWS\system32\OkDrtPrn.exe
2019-10-19 11:18 - 2012-09-10 14:08 - 000118272 ____N (Oki Data Corporation) C:\WINDOWS\system32\oklchapp.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\okComDLL.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\fxComDLL.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\efComDLL.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) C:\WINDOWS\system32\OkDrtPrn.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000049813 ____N C:\WINDOWS\system32\OKDRTPRN.chm
2019-10-19 11:18 - 2012-05-28 08:54 - 000027136 ____N C:\WINDOWS\system32\OkDPnRes.dll
2019-10-19 11:18 - 2011-04-12 17:05 - 000029696 ____N (Oki Data Corporation) C:\WINDOWS\system32\oklprmon.dll
2019-10-19 11:18 - 2011-04-12 17:02 - 000098304 ____N (Oki Data Corporation) C:\WINDOWS\SysWOW64\oklpinst.dll
2019-10-19 11:17 - 2019-10-25 17:50 - 000000000 ____D C:\Users\Filip\AppData\Roaming\OkiData
2019-10-19 11:17 - 2019-10-19 11:17 - 000002001 _____ C:\Users\Public\Desktop\ActKey.lnk
2019-10-19 11:17 - 2019-10-19 11:17 - 000000000 ____D C:\Program Files (x86)\Okidata
2019-10-19 11:13 - 2019-10-19 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPXMN075.DLL
2019-10-19 11:09 - 2019-10-19 11:09 - 000000000 _____ C:\WINDOWS\NICSettingTool.INI
2019-10-15 20:33 - 2019-10-15 20:33 - 024578944 _____ (Piriform Software Ltd) C:\Users\Filip\Downloads\ccsetup563.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-13 14:34 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-13 14:33 - 2019-03-13 22:18 - 000000000 ____D C:\Users\Filip\.smplayer
2019-11-13 14:32 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-13 14:10 - 2019-03-18 21:16 - 000000000 ___DC C:\Users\Filip\AppData\Local\CrashDumps
2019-11-13 14:04 - 2019-09-22 14:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-11-13 14:04 - 2019-09-22 14:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-13 14:03 - 2019-09-22 14:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-13 04:38 - 2019-09-22 14:51 - 000003492 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Task
2019-11-13 04:38 - 2019-09-22 14:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-11-13 04:38 - 2019-09-22 14:51 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-13 04:38 - 2019-09-22 14:51 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-13 04:38 - 2019-09-22 14:51 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3054716200-2897486703-4280449553-1001
2019-11-13 04:38 - 2019-09-22 14:51 - 000002770 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2019-11-13 04:38 - 2019-09-22 14:51 - 000002598 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2019-11-13 04:38 - 2019-09-22 14:51 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-13 04:38 - 2019-09-22 14:51 - 000002024 _____ C:\WINDOWS\system32\Tasks\RTFTrack
2019-11-13 04:38 - 2019-09-22 14:51 - 000002016 _____ C:\WINDOWS\system32\Tasks\RtsCM
2019-11-13 04:10 - 2019-09-22 14:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-13 03:49 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-13 03:49 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-12 21:52 - 2019-03-14 02:55 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2019-11-07 23:56 - 2019-04-25 14:33 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 23:56 - 2019-04-25 14:33 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-06 10:48 - 2019-03-13 14:25 - 000000000 ___DC C:\Users\Filip\AppData\Local\D3DSCache
2019-11-05 15:46 - 2019-04-25 14:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-04 20:56 - 2019-09-22 14:46 - 000002376 ____C C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-04 20:56 - 2019-03-14 02:57 - 000000000 ___RD C:\Users\Filip\OneDrive
2019-11-02 18:47 - 2019-03-14 05:45 - 000000000 ____D C:\ProgramData\Packages
2019-11-02 00:53 - 2019-10-09 18:36 - 000161544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-27 15:45 - 2019-03-31 21:27 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-19 11:19 - 2019-03-18 21:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-10-19 11:18 - 2019-03-30 14:13 - 000000000 ____D C:\Program Files\Okidata
2019-10-16 22:05 - 2019-03-20 19:20 - 000000000 ___DC C:\Users\Filip\AppData\Local\Adobe
2019-10-16 14:32 - 2019-09-22 14:51 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-10-16 14:32 - 2019-09-22 14:51 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-10-16 14:32 - 2019-03-18 17:17 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-10-15 20:35 - 2019-10-05 18:26 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-10-14 17:30 - 2019-09-22 14:54 - 001606102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-10-14 17:30 - 2019-03-19 12:55 - 000685036 _____ C:\WINDOWS\system32\perfh005.dat
2019-10-14 17:30 - 2019-03-19 12:55 - 000137702 _____ C:\WINDOWS\system32\perfc005.dat
2019-10-14 17:24 - 2019-09-22 14:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-14 17:23 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
==================== Files in the root of some directories ========
2019-08-16 16:33 - 2019-08-16 16:33 - 001160736 _____ (NCH Software) C:\Users\Filip\eanimatesetup.exe
2019-06-18 19:17 - 2019-06-18 19:17 - 010094608 _____ () C:\Users\Filip\OKW3C03Z157_243812.exe
2019-08-14 20:06 - 2019-08-14 20:06 - 005239812 _____ () C:\Users\Filip\pf7-setup-en-7.2.1.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Ahoj 
Su s PC aj nejake problemy?
Ak nepotrebujes/nepouzivas, mozes odinstalovat "McAfee WebAdvisor" (zbytocnost, kedze v PC uz je Avast).
Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
Su s PC aj nejake problemy? Ak nepotrebujes/nepouzivas, mozes odinstalovat "McAfee WebAdvisor" (zbytocnost, kedze v PC uz je Avast). Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
- Uloz na plochu a ukonci vsetky programy
- Spusti AdwCleaner ako spravca
- Odsuhlas licencne podmienky
- Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
- Nechaj zaskrtnute vsetky nalezy
- Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
- Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
- Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
Mám problémy s tiskárnou, nemůžu se dostat do nastavení, ale na to jsem již s někým domluvený.
Po skenu se objevilo pouze viz příloha
Po skenu se objevilo pouze viz příloha
- Přílohy
-
- Bez názvu.pdf
- (201.47 KiB) Staženo 82 x
Re: Prosím o kontrolu
Su tam 3 nalezy. Klikni na tlacitko Next (vpravo dole) a potvrd zmazanie a restart PC. Nasledne otvor znovu AdwCleaner, vlavo klikni na Soubory protokolu a posli posledny log. Pripadne log bude umiestneny aj v adresari "C:\AdwCleaner\Logs" pod nazvom v tvare "AdwCleaner[C??].txt".
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
2019-11-13 15:33:48 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-13 15:33:49 : <INFO> [AdwUpgrade] Checking application updates
2019-11-13 15:33:51 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 15:33:51 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 15:33:51 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 15:33:51 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 15:33:51 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 15:33:51 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 15:33:51 : <INFO> [SslCert] ALPN: None
2019-11-13 15:33:51 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 15:33:51 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 15:33:51 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 15:33:51 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-13 15:33:52 : <INFO> [Button clicked] EULA agreed
2019-11-13 15:33:54 : <INFO> [Button clicked] Scan
2019-11-13 15:33:54 : <INFO> [Scan] Started
2019-11-13 15:33:55 : <INFO> [Database] Downloading database
2019-11-13 15:33:56 : <INFO> [Database] Checking integrity
2019-11-13 15:33:56 : <INFO> [Database] Found 2588 families
2019-11-13 15:33:56 : <INFO> [Database] Database v "2019-10-21.1"
2019-11-13 15:33:57 : <INFO> [Loading paths] Local paths loaded
2019-11-13 15:33:57 : <INFO> [Loading paths] Chrome paths loaded
2019-11-13 15:33:57 : <INFO> [Loading paths] User Keys loaded
2019-11-13 15:33:57 : <INFO> [Module initialized] "File"
2019-11-13 15:33:57 : <INFO> [Module initialized] "Folder"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegistryKey"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegistryValue"
2019-11-13 15:33:57 : <INFO> [Module initialized] "TaskName"
2019-11-13 15:33:57 : <INFO> [Module initialized] "Service"
2019-11-13 15:33:57 : <INFO> [Module initialized] "Winlogon"
2019-11-13 15:33:57 : <INFO> [Module initialized] "URL"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegAppInit"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegClasses"
2019-11-13 15:33:57 : <INFO> [Module initialized] "DNS"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegGuid"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegOther"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegProductID"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegSoftware"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegStartup"
2019-11-13 15:33:57 : <INFO> [Module initialized] "WMI"
2019-11-13 15:33:57 : <INFO> [Module initialized] "ChromiumExt"
2019-11-13 15:33:57 : <INFO> [Module initialized] "FirefoxExt"
2019-11-13 15:33:57 : <INFO> [Module initialize] Scan Browser
2019-11-13 15:33:57 : <INFO> [Module initialize] Scan Browser FF
2019-11-13 15:33:57 : <INFO> [Module initialize] FF start pages loaded
2019-11-13 15:33:57 : <INFO> [Module initialize] FF search providers loaded
2019-11-13 15:33:57 : <INFO> [Module initialize] FF plugin list loaded
2019-11-13 15:33:57 : <INFO> [Scan] Exclusions loaded
2019-11-13 15:34:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 15:34:06 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 15:34:06 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Users\\Filip\\AppData\\Local\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\Tasks\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\drivers\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files (x86)\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\ProgramData\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Lenovo Dependency Package_is1" [ "Registry" ]
2019-11-13 15:34:13 : <INFO> [Telemetry] Sending to Influx
2019-11-13 15:34:14 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 15:34:14 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 15:34:14 : <INFO> [SslCert] Locality Name ()
2019-11-13 15:34:14 : <INFO> [SslCert] Organization ()
2019-11-13 15:34:14 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 15:34:14 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 15:34:14 : <INFO> [SslCert] ALPN: Yes
2019-11-13 15:34:14 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 15:34:14 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 15:34:14 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 15:34:14 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 15:34:14 : <INFO> [Telemetry] Sending to DSE
2019-11-13 15:34:15 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 15:34:15 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 15:34:15 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-13 15:34:15 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-13 15:34:15 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-13 15:34:15 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-13 15:34:15 : <INFO> [SslCert] ALPN: Yes
2019-11-13 15:34:15 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 15:34:15 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 15:34:15 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 15:34:15 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-13 15:34:15 : <INFO> [Scan] Finished
2019-11-13 15:34:22 : <INFO> [Button clicked] Next
2019-11-13 15:34:26 : <INFO> [Button clicked] Bundleware found ok button
2019-11-13 15:34:52 : <INFO> [Button clicked] Previous
2019-11-13 15:34:58 : <INFO> [Button clicked] Next
2019-11-13 15:35:01 : <INFO> [Button clicked] Previous
2019-11-13 15:35:24 : <INFO> [Button clicked] Log files menu item
2019-11-13 15:35:38 : <INFO> [Button clicked] Dashboard menu item
2019-11-13 15:35:41 : <INFO> [Button clicked] Next
2019-11-13 15:35:44 : <INFO> [Button clicked] Previous
2019-11-13 15:35:47 : <INFO> [Button clicked] Quarantine menu item
2019-11-13 15:35:50 : <INFO> [Button clicked] Log files menu item
2019-11-13 15:35:52 : <INFO> [Button clicked] Settings menu item
2019-11-13 15:36:04 : <INFO> [Button clicked] Help menu item
2019-11-13 15:36:09 : <INFO> [Button clicked] Dashboard menu item
2019-11-13 15:38:24 : <INFO> [Button clicked] Next
2019-11-13 15:38:32 : <INFO> [Button clicked] Previous
2019-11-13 15:38:42 : <INFO> [Application] Closing AdwCleaner
2019-11-13 21:49:01 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-13 21:49:05 : <INFO> [Button clicked] Survey closed
2019-11-13 21:49:05 : <INFO> [Telemetry] Sending NPS Survey
2019-11-13 21:49:06 : <INFO> [AdwUpgrade] Checking application updates
2019-11-13 21:49:07 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 21:49:07 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 21:49:07 : <INFO> [SslCert] Locality Name ()
2019-11-13 21:49:07 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:49:07 : <INFO> [SslCert] Organization ()
lwarebytes.com")
2019-11-13 21:49:07 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:07 : <INFO> [SslCert] ALPN: None
"
2019-11-13 21:49:07 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:07 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:07 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 21:49:07 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:07 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:07 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-13 21:49:07 : <INFO> [Button clicked] Scan
2019-11-13 21:49:07 : <INFO> [Scan] Started
2019-11-13 21:49:08 : <INFO> [Database] Downloading database
2019-11-13 21:49:09 : <INFO> [Database] Checking integrity
2019-11-13 21:49:09 : <INFO> [Database] Found 2588 families
2019-11-13 21:49:09 : <INFO> [Database] Database v "2019-10-21.1"
2019-11-13 21:49:09 : <INFO> [Loading paths] Local paths loaded
2019-11-13 21:49:09 : <INFO> [Loading paths] Chrome paths loaded
2019-11-13 21:49:09 : <INFO> [Loading paths] User Keys loaded
2019-11-13 21:49:09 : <INFO> [Module initialized] "File"
2019-11-13 21:49:09 : <INFO> [Module initialized] "Folder"
2019-11-13 21:49:09 : <INFO> [Module initialized] "RegistryKey"
2019-11-13 21:49:09 : <INFO> [Module initialized] "RegistryValue"
2019-11-13 21:49:09 : <INFO> [Module initialized] "TaskName"
2019-11-13 21:49:09 : <INFO> [Module initialized] "Service"
2019-11-13 21:49:09 : <INFO> [Module initialized] "Winlogon"
2019-11-13 21:49:10 : <INFO> [Module initialized] "URL"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegAppInit"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegClasses"
2019-11-13 21:49:10 : <INFO> [Module initialized] "DNS"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegGuid"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegOther"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegProductID"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegSoftware"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegStartup"
2019-11-13 21:49:10 : <INFO> [Module initialized] "WMI"
2019-11-13 21:49:10 : <INFO> [Module initialized] "ChromiumExt"
2019-11-13 21:49:10 : <INFO> [Module initialized] "FirefoxExt"
2019-11-13 21:49:10 : <INFO> [Module initialize] Scan Browser
2019-11-13 21:49:10 : <INFO> [Module initialize] Scan Browser FF
2019-11-13 21:49:10 : <INFO> [Module initialize] FF start pages loaded
2019-11-13 21:49:10 : <INFO> [Module initialize] FF search providers loaded
2019-11-13 21:49:10 : <INFO> [Module initialize] FF plugin list loaded
2019-11-13 21:49:10 : <INFO> [Scan] Exclusions loaded
2019-11-13 21:49:15 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 21:49:18 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:18 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Users\\Filip\\AppData\\Local\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\Tasks\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\drivers\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files (x86)\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\ProgramData\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Lenovo Dependency Package_is1" [ "Registry" ]
2019-11-13 21:49:25 : <INFO> [Telemetry] Sending to Influx
2019-11-13 21:49:26 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 21:49:26 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 21:49:26 : <INFO> [SslCert] Locality Name ()
2019-11-13 21:49:26 : <INFO> [SslCert] Organization ()
2019-11-13 21:49:26 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 21:49:26 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 21:49:26 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:26 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:26 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:26 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:26 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 21:49:26 : <INFO> [Telemetry] Sending to DSE
2019-11-13 21:49:27 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:49:27 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:49:27 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-13 21:49:27 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-13 21:49:27 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-13 21:49:27 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-13 21:49:27 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:27 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:27 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:27 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:27 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-13 21:49:27 : <INFO> [Scan] Finished
2019-11-13 21:49:30 : <INFO> [Button clicked] Next
2019-11-13 21:49:34 : <INFO> [Button clicked] Clean & repair
2019-11-13 21:49:37 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2019-11-13 21:49:37 : <INFO> [Cleaning] Started
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "wsc_proxy.exe" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "AvastSvc.exe" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2019-11-13 21:49:37 : <INFO> [Quarantine] Session folder: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937"
2019-11-13 21:49:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 21:49:37 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-13 21:49:37 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-13 21:49:37 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] ObjectsProcessed = 1
2019-11-13 21:49:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 21:49:38 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\Apps"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\Engine"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\Engine\\startmenu"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\IconCache"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\IconCache\\persistent"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] ObjectsProcessed = 2
2019-11-13 21:49:38 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\Apps"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\Engine"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\Engine\\startmenu"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\IconCache"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\IconCache\\persistent"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] ObjectsProcessed = 3
2019-11-13 21:49:38 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <INFO> [Engine Additional Action] "Delete Tracing Keys"
2019-11-13 21:49:39 : <INFO> [Engine Additional Action] "Reset Winsock"
2019-11-13 21:49:39 : <INFO> [Telemetry] Sending to Influx
2019-11-13 21:49:39 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 21:49:39 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 21:49:39 : <INFO> [SslCert] Locality Name ()
2019-11-13 21:49:39 : <INFO> [SslCert] Organization ()
2019-11-13 21:49:39 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 21:49:39 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 21:49:39 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:39 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:39 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:39 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:39 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 21:49:39 : <INFO> [Telemetry] Sending to DSE
2019-11-13 21:49:40 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:49:40 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:49:40 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-13 21:49:40 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-13 21:49:40 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-13 21:49:40 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-13 21:49:40 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:40 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:40 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:40 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:40 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-13 21:49:40 : <INFO> [Cleaning] Finished
2019-11-13 21:49:43 : <INFO> [Button clicked] Dialog button clicked [ 6 ]
2019-11-13 21:49:43 : <INFO> [Application] Closing AdwCleaner
2019-11-13 21:50:23 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-13 21:50:25 : <INFO> [MBBanner] Checking Iris
2019-11-13 21:50:25 : <INFO> [IRIS] Making request
2019-11-13 21:50:25 : <INFO> [AdwUpgrade] Checking application updates
2019-11-13 21:50:25 : <INFO> [Telemetry] Sending hello
2019-11-13 21:50:27 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:50:27 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:50:27 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 21:50:27 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] ALPN: None
2019-11-13 21:50:27 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:50:27 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:50:27 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:50:27 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:50:27 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:50:27 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 21:50:27 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] ALPN: None
2019-11-13 21:50:27 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:50:27 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:50:27 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:50:27 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-13 21:50:27 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-11-13 21:50:27 : <INFO> [IRIS] Failed
2019-11-13 21:50:32 : <INFO> [Button clicked] View Log
2019-11-13 21:51:06 : <INFO> [Button clicked] Log files menu item
2019-11-13 15:33:49 : <INFO> [AdwUpgrade] Checking application updates
2019-11-13 15:33:51 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 15:33:51 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 15:33:51 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 15:33:51 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 15:33:51 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 15:33:51 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 15:33:51 : <INFO> [SslCert] ALPN: None
2019-11-13 15:33:51 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 15:33:51 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 15:33:51 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 15:33:51 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-13 15:33:52 : <INFO> [Button clicked] EULA agreed
2019-11-13 15:33:54 : <INFO> [Button clicked] Scan
2019-11-13 15:33:54 : <INFO> [Scan] Started
2019-11-13 15:33:55 : <INFO> [Database] Downloading database
2019-11-13 15:33:56 : <INFO> [Database] Checking integrity
2019-11-13 15:33:56 : <INFO> [Database] Found 2588 families
2019-11-13 15:33:56 : <INFO> [Database] Database v "2019-10-21.1"
2019-11-13 15:33:57 : <INFO> [Loading paths] Local paths loaded
2019-11-13 15:33:57 : <INFO> [Loading paths] Chrome paths loaded
2019-11-13 15:33:57 : <INFO> [Loading paths] User Keys loaded
2019-11-13 15:33:57 : <INFO> [Module initialized] "File"
2019-11-13 15:33:57 : <INFO> [Module initialized] "Folder"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegistryKey"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegistryValue"
2019-11-13 15:33:57 : <INFO> [Module initialized] "TaskName"
2019-11-13 15:33:57 : <INFO> [Module initialized] "Service"
2019-11-13 15:33:57 : <INFO> [Module initialized] "Winlogon"
2019-11-13 15:33:57 : <INFO> [Module initialized] "URL"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegAppInit"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegClasses"
2019-11-13 15:33:57 : <INFO> [Module initialized] "DNS"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegGuid"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegOther"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegProductID"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegSoftware"
2019-11-13 15:33:57 : <INFO> [Module initialized] "RegStartup"
2019-11-13 15:33:57 : <INFO> [Module initialized] "WMI"
2019-11-13 15:33:57 : <INFO> [Module initialized] "ChromiumExt"
2019-11-13 15:33:57 : <INFO> [Module initialized] "FirefoxExt"
2019-11-13 15:33:57 : <INFO> [Module initialize] Scan Browser
2019-11-13 15:33:57 : <INFO> [Module initialize] Scan Browser FF
2019-11-13 15:33:57 : <INFO> [Module initialize] FF start pages loaded
2019-11-13 15:33:57 : <INFO> [Module initialize] FF search providers loaded
2019-11-13 15:33:57 : <INFO> [Module initialize] FF plugin list loaded
2019-11-13 15:33:57 : <INFO> [Scan] Exclusions loaded
2019-11-13 15:34:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 15:34:06 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 15:34:06 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Users\\Filip\\AppData\\Local\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\Tasks\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\drivers\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files (x86)\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\ProgramData\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 15:34:12 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Lenovo Dependency Package_is1" [ "Registry" ]
2019-11-13 15:34:13 : <INFO> [Telemetry] Sending to Influx
2019-11-13 15:34:14 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 15:34:14 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 15:34:14 : <INFO> [SslCert] Locality Name ()
2019-11-13 15:34:14 : <INFO> [SslCert] Organization ()
2019-11-13 15:34:14 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 15:34:14 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 15:34:14 : <INFO> [SslCert] ALPN: Yes
2019-11-13 15:34:14 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 15:34:14 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 15:34:14 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 15:34:14 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 15:34:14 : <INFO> [Telemetry] Sending to DSE
2019-11-13 15:34:15 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 15:34:15 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 15:34:15 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-13 15:34:15 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-13 15:34:15 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-13 15:34:15 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-13 15:34:15 : <INFO> [SslCert] ALPN: Yes
2019-11-13 15:34:15 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 15:34:15 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 15:34:15 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 15:34:15 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-13 15:34:15 : <INFO> [Scan] Finished
2019-11-13 15:34:22 : <INFO> [Button clicked] Next
2019-11-13 15:34:26 : <INFO> [Button clicked] Bundleware found ok button
2019-11-13 15:34:52 : <INFO> [Button clicked] Previous
2019-11-13 15:34:58 : <INFO> [Button clicked] Next
2019-11-13 15:35:01 : <INFO> [Button clicked] Previous
2019-11-13 15:35:24 : <INFO> [Button clicked] Log files menu item
2019-11-13 15:35:38 : <INFO> [Button clicked] Dashboard menu item
2019-11-13 15:35:41 : <INFO> [Button clicked] Next
2019-11-13 15:35:44 : <INFO> [Button clicked] Previous
2019-11-13 15:35:47 : <INFO> [Button clicked] Quarantine menu item
2019-11-13 15:35:50 : <INFO> [Button clicked] Log files menu item
2019-11-13 15:35:52 : <INFO> [Button clicked] Settings menu item
2019-11-13 15:36:04 : <INFO> [Button clicked] Help menu item
2019-11-13 15:36:09 : <INFO> [Button clicked] Dashboard menu item
2019-11-13 15:38:24 : <INFO> [Button clicked] Next
2019-11-13 15:38:32 : <INFO> [Button clicked] Previous
2019-11-13 15:38:42 : <INFO> [Application] Closing AdwCleaner
2019-11-13 21:49:01 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-13 21:49:05 : <INFO> [Button clicked] Survey closed
2019-11-13 21:49:05 : <INFO> [Telemetry] Sending NPS Survey
2019-11-13 21:49:06 : <INFO> [AdwUpgrade] Checking application updates
2019-11-13 21:49:07 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 21:49:07 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 21:49:07 : <INFO> [SslCert] Locality Name ()
2019-11-13 21:49:07 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:49:07 : <INFO> [SslCert] Organization ()
lwarebytes.com")
2019-11-13 21:49:07 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:07 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 21:49:07 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:07 : <INFO> [SslCert] ALPN: None
"
2019-11-13 21:49:07 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:07 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:07 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 21:49:07 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:07 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:07 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-13 21:49:07 : <INFO> [Button clicked] Scan
2019-11-13 21:49:07 : <INFO> [Scan] Started
2019-11-13 21:49:08 : <INFO> [Database] Downloading database
2019-11-13 21:49:09 : <INFO> [Database] Checking integrity
2019-11-13 21:49:09 : <INFO> [Database] Found 2588 families
2019-11-13 21:49:09 : <INFO> [Database] Database v "2019-10-21.1"
2019-11-13 21:49:09 : <INFO> [Loading paths] Local paths loaded
2019-11-13 21:49:09 : <INFO> [Loading paths] Chrome paths loaded
2019-11-13 21:49:09 : <INFO> [Loading paths] User Keys loaded
2019-11-13 21:49:09 : <INFO> [Module initialized] "File"
2019-11-13 21:49:09 : <INFO> [Module initialized] "Folder"
2019-11-13 21:49:09 : <INFO> [Module initialized] "RegistryKey"
2019-11-13 21:49:09 : <INFO> [Module initialized] "RegistryValue"
2019-11-13 21:49:09 : <INFO> [Module initialized] "TaskName"
2019-11-13 21:49:09 : <INFO> [Module initialized] "Service"
2019-11-13 21:49:09 : <INFO> [Module initialized] "Winlogon"
2019-11-13 21:49:10 : <INFO> [Module initialized] "URL"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegAppInit"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegClasses"
2019-11-13 21:49:10 : <INFO> [Module initialized] "DNS"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegGuid"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegOther"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegProductID"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegSoftware"
2019-11-13 21:49:10 : <INFO> [Module initialized] "RegStartup"
2019-11-13 21:49:10 : <INFO> [Module initialized] "WMI"
2019-11-13 21:49:10 : <INFO> [Module initialized] "ChromiumExt"
2019-11-13 21:49:10 : <INFO> [Module initialized] "FirefoxExt"
2019-11-13 21:49:10 : <INFO> [Module initialize] Scan Browser
2019-11-13 21:49:10 : <INFO> [Module initialize] Scan Browser FF
2019-11-13 21:49:10 : <INFO> [Module initialize] FF start pages loaded
2019-11-13 21:49:10 : <INFO> [Module initialize] FF search providers loaded
2019-11-13 21:49:10 : <INFO> [Module initialize] FF plugin list loaded
2019-11-13 21:49:10 : <INFO> [Scan] Exclusions loaded
2019-11-13 21:49:15 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 21:49:18 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:18 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Users\\Filip\\AppData\\Local\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\Tasks\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Windows\\System32\\drivers\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files (x86)\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\Program Files\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "C:\\ProgramData\\LENOVO\\IMCONTROLLER" [ "Folder" ]
2019-11-13 21:49:24 : <INFO> [Scan] Item detected: "Preinstalled.LenovoIMController" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Lenovo Dependency Package_is1" [ "Registry" ]
2019-11-13 21:49:25 : <INFO> [Telemetry] Sending to Influx
2019-11-13 21:49:26 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 21:49:26 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 21:49:26 : <INFO> [SslCert] Locality Name ()
2019-11-13 21:49:26 : <INFO> [SslCert] Organization ()
2019-11-13 21:49:26 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 21:49:26 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 21:49:26 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:26 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:26 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:26 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:26 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 21:49:26 : <INFO> [Telemetry] Sending to DSE
2019-11-13 21:49:27 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:49:27 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:49:27 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-13 21:49:27 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-13 21:49:27 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-13 21:49:27 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-13 21:49:27 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:27 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:27 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:27 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:27 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-13 21:49:27 : <INFO> [Scan] Finished
2019-11-13 21:49:30 : <INFO> [Button clicked] Next
2019-11-13 21:49:34 : <INFO> [Button clicked] Clean & repair
2019-11-13 21:49:37 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2019-11-13 21:49:37 : <INFO> [Cleaning] Started
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "wsc_proxy.exe" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "AvastSvc.exe" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2019-11-13 21:49:37 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2019-11-13 21:49:37 : <INFO> [Quarantine] Session folder: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937"
2019-11-13 21:49:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 21:49:37 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-13 21:49:37 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-13 21:49:37 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] ObjectsProcessed = 1
2019-11-13 21:49:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Your Software Deals_is1" [ "Registry" ]
2019-11-13 21:49:38 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\Apps"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\Engine"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\Engine\\startmenu"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\IconCache"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\2\\Host App Service\\IconCache\\persistent"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] ObjectsProcessed = 2
2019-11-13 21:49:38 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Filip\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\Apps"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\Engine"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\Engine\\startmenu"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\IconCache"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191113.224937\\3\\Host App Service\\IconCache\\persistent"
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-13 21:49:38 : <DEBUG> [Cleaning] ObjectsProcessed = 3
2019-11-13 21:49:38 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-11-13 21:49:38 : <INFO> [Engine Additional Action] "Delete Tracing Keys"
2019-11-13 21:49:39 : <INFO> [Engine Additional Action] "Reset Winsock"
2019-11-13 21:49:39 : <INFO> [Telemetry] Sending to Influx
2019-11-13 21:49:39 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-13 21:49:39 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-13 21:49:39 : <INFO> [SslCert] Locality Name ()
2019-11-13 21:49:39 : <INFO> [SslCert] Organization ()
2019-11-13 21:49:39 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-13 21:49:39 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-13 21:49:39 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:39 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:39 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:39 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:39 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-13 21:49:39 : <INFO> [Telemetry] Sending to DSE
2019-11-13 21:49:40 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:49:40 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:49:40 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-13 21:49:40 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-13 21:49:40 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-13 21:49:40 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-13 21:49:40 : <INFO> [SslCert] ALPN: Yes
2019-11-13 21:49:40 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:49:40 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:49:40 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:49:40 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-13 21:49:40 : <INFO> [Cleaning] Finished
2019-11-13 21:49:43 : <INFO> [Button clicked] Dialog button clicked [ 6 ]
2019-11-13 21:49:43 : <INFO> [Application] Closing AdwCleaner
2019-11-13 21:50:23 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-13 21:50:25 : <INFO> [MBBanner] Checking Iris
2019-11-13 21:50:25 : <INFO> [IRIS] Making request
2019-11-13 21:50:25 : <INFO> [AdwUpgrade] Checking application updates
2019-11-13 21:50:25 : <INFO> [Telemetry] Sending hello
2019-11-13 21:50:27 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:50:27 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:50:27 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 21:50:27 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] ALPN: None
2019-11-13 21:50:27 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:50:27 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:50:27 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:50:27 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-13 21:50:27 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-13 21:50:27 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-13 21:50:27 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-13 21:50:27 : <INFO> [SslCert] ALPN: None
2019-11-13 21:50:27 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-13 21:50:27 : <INFO> [SslCert] KXE: "ECDH"
2019-11-13 21:50:27 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-13 21:50:27 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-13 21:50:27 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-11-13 21:50:27 : <INFO> [IRIS] Failed
2019-11-13 21:50:32 : <INFO> [Button clicked] View Log
2019-11-13 21:51:06 : <INFO> [Button clicked] Log files menu item
Re: Prosím o kontrolu
Toto nie je spravny log, potrebujem log z cistenia.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Filip\AppData\Local\Host App Service
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [22260 octets] - [13/11/2019 16:33:48]
AdwCleaner[S00].txt - [2251 octets] - [13/11/2019 16:34:13]
AdwCleaner[S01].txt - [2313 octets] - [13/11/2019 22:49:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-13-2019
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Users\Default\AppData\Local\Host App Service
Deleted C:\Users\Filip\AppData\Local\Host App Service
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\Your Software Deals_is1
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [22260 octets] - [13/11/2019 16:33:48]
AdwCleaner[S00].txt - [2251 octets] - [13/11/2019 16:34:13]
AdwCleaner[S01].txt - [2313 octets] - [13/11/2019 22:49:25]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
Re: Prosím o kontrolu
OK, poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Filip (14-11-2019 22:51:00)
Running from C:\Users\Filip\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-22 13:52:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3054716200-2897486703-4280449553-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3054716200-2897486703-4280449553-503 - Limited - Disabled)
Filip (S-1-5-21-3054716200-2897486703-4280449553-1001 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-3054716200-2897486703-4280449553-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3054716200-2897486703-4280449553-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.1.1829.91 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.0.690 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.690 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit Keys (HKLM\...\{69D1C50E-6E4D-416D-A632-875EB3C5EF8A}) (Version: 18.1.690 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - BR (HKLM-x32\...\{1E6087A4-1715-4B43-9090-A3B1EFD55EF8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Capture (HKLM-x32\...\{32398CCC-C644-487E-B22B-58AE0BE0C7AE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Common (HKLM-x32\...\{796CC87C-5679-49D6-9054-FC56B9232A9A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Connect (HKLM-x32\...\{4454CFA8-C64D-4E4A-A085-18B16E0B8BB9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Custom Data (HKLM-x32\...\{9D72E2C7-CD9C-455C-A0DB-B4D3F7B5B9B1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - CZ (HKLM-x32\...\{FD293F31-2661-4721-BF74-6375EA0CC693}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - DrawHome (HKLM-x32\...\{D1444571-9830-4967-A029-903551A49894}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - EN (HKLM-x32\...\{14F44A6C-3096-4C3F-9039-20741B443EC9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - ES (HKLM-x32\...\{448BF8BB-3961-4A6F-80E3-B65B218DFC47}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Filters (HKLM-x32\...\{289F11C5-B482-42B6-8CA8-FF7502E34A52}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - FR (HKLM-x32\...\{A850C65E-8029-4BBD-9DF8-2A178C51C4EB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM (HKLM-x32\...\{C4DF8B81-6925-4D29-8204-933667E127B4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM Content (HKLM-x32\...\{0EC6F0EB-64A9-4A69-B8A2-7CB0779CA7A0}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IT (HKLM-x32\...\{C64347EA-C44C-4A4D-81BC-19EBDD6E8743}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - NL (HKLM-x32\...\{42FCF1AB-3A84-4AAE-9B0D-8550A803F8F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PL (HKLM-x32\...\{490919E0-2440-4362-BA75-D6350F7A1AEF}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PPHome (HKLM-x32\...\{04BBF42B-CCEC-44C6-8DE1-9B3F3ECB6181}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Redist (HKLM-x32\...\{F6B3E5CE-2DCD-4663-9A21-B00872AE17D9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - RU (HKLM-x32\...\{A1F3007B-B716-40C4-9F3C-C81A77926EDE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Setup Files (HKLM-x32\...\{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VBA (HKLM-x32\...\{6268A84D-604F-4085-ADB1-634FCE8BA965}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VideoBrowser (HKLM-x32\...\{A5E75F35-0DFB-4F1F-BB1E-C8B2B2F3B4BA}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Writing Tools (HKLM-x32\...\{7135E09C-980F-4373-B211-04B05C996113}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\_{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1.0.690 - Corel Corporation)
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\{05718EEC-DE09-454E-9D62-3152254742F1}) (Version: 18.1 - Corel Corporation) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.11.552 - Your Company Name) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.18 - Lenovo)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation)
OKI Alert Info (HKLM-x32\...\{9427081E-AC7E-49D4-964F-E2E27C7175BF}) (Version: 1.3.3 - Okidata)
OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: 2.17.2 - Okidata)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI Configuration Tool (HKLM-x32\...\{0F55DD09-15EC-4F5D-B517-94852884AEF5}) (Version: 1.6.11 - Okidata)
OKI Device Setting (HKLM-x32\...\{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}) (Version: 1.6.11 - Okidata)
OKI LPR Utility (HKLM-x32\...\{465914BD-324C-4442-A9F6-E9347AB38EB8}) (Version: 5.1.0 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Setting (HKLM-x32\...\{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}) (Version: 1.0.5 - Okidata)
OKI PDF Print Direct (HKLM-x32\...\{2CA86624-3491-4B2D-B64E-01D2D25AA732}) (Version: 3.4.8 - Okidata)
OKI Storage Manager (HKLM-x32\...\{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}) (Version: 1.0.8 - Okidata)
OKI User Setting (HKLM-x32\...\{C8244493-32A4-4275-8145-D16FFE1D8E36}) (Version: 1.4.7 - Okidata)
PDF24 Creator 9.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFsam Enhanced (HKLM-x32\...\PDFsam Enhanced) (Version: 3.0.31.29080 - Copyright 2016 Andrea Vacondio)
PDFsam Enhanced Asian Fonts Pack (HKLM\...\{817881FA-BD07-4A50-8F77-DA9AA6009093}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Convert Module (HKLM\...\{C3946663-4609-4158-A3AD-B9BFB16496F1}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Create Module (HKLM\...\{F790A93F-B881-4316-BDB4-D02783850695}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Edit Module (HKLM\...\{C584AD88-AFC9-4030-B391-49C0D04F6F1A}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Forms Module (HKLM\...\{3CAC256B-9C84-44F4-AC26-50B07FEA56B6}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Insert Module (HKLM\...\{A06D8CE0-76AA-4968-AC8B-221BE5128646}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced OCR Module (HKLM\...\{B83B283F-87BB-4C61-8F50-E45EDD0C7C8C}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Review Module (HKLM\...\{35AF9861-0E3C-4C81-AFCC-73461EBC00B7}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Secure Module (HKLM\...\{3B633A35-AE66-4AC3-B4A1-D2ED2594D368}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced View Module (HKLM\...\{972049F9-650B-4430-82ED-6080470D27BA}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\PhotoFiltre 7) (Version: - )
ScannerDriver (HKLM\...\{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation) Hidden
SMPlayer 19.1.0 (HKLM-x32\...\SMPlayer) (Version: 19.1.0 - Ricardo Villalba)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.23.7.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1630.7.0_x86__kgqvnymyfvs32 [2019-11-06] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_6.0.0.3_x86__m9bz608c1b9ra [2019-10-09] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-15] (Fitbit)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.1910.16.0_x64__k1h2ywk1493x8 [2019-11-02] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4 [2019-08-03] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-13] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.9516.0_x86__m916jedk64snt [2019-03-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.1.9528.0_x86__m916jedk64snt [2019-03-13] (CYBERLINKCOM CORPORATION)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDF Print Direct] -> {C15F7681-33D8-11D3-A09B-00500402F30B} => C:\Windows\System32\OkDrtPrn.dll [2012-05-28] (Oki Data Corporation) [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced_ManagerExt] -> {9ADBE344-48D8-4317-8CD7-13DA9095B33B} => C:\Program Files\PDFsam Enhanced\creator-context-menu.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxDTCM.dll [2019-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro
==================== Loaded Modules (Whitelisted) =============
2019-10-12 11:00 - 2019-10-12 11:00 - 000369152 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\b941fa3940bc5ba9ea54021b48194366\Interop.CxHDAudioAPILib.ni.dll
2019-10-12 11:00 - 2019-10-12 11:00 - 000018944 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\14be78a633c55eb6181fab1dbe684d20\Interop.CxUtilSvcLib.ni.dll
2019-09-03 15:12 - 2019-05-28 14:06 - 001021440 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2019-09-22 14:58 - 2017-07-05 19:36 - 001168384 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2011-08-23 14:33 - 2011-08-23 14:33 - 000163840 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\NCRes.dll
2010-01-22 16:22 - 2010-01-22 16:22 - 000032768 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\OPCOMAPI.dll
2011-08-19 12:15 - 2011-08-19 12:15 - 000188416 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\Scanner Assist.dll
2019-10-19 11:18 - 2010-04-21 13:04 - 000167424 ____N (Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\opnetdsc.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) [File not signed] C:\Windows\System32\OkDrtPrn.dll
2019-10-19 11:18 - 2011-04-12 17:05 - 000029696 ____N (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\oklprmon.dll
2019-10-19 11:18 - 2012-11-21 17:59 - 000033280 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\SYSTEM32\oklprrsc.dll
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\OPXMN075.DLL
2019-09-18 20:04 - 2019-06-08 15:48 - 001257472 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2019-05-31 19:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Filip\Desktop\chomutov_1920x1080.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A7806D7F-F3E2-4234-9746-7E0F5E925AB1}] => (Allow) LPort=1900
FirewallRules: [{7ABAD88C-C188-4E1B-ABD9-38486F908D26}] => (Allow) LPort=2869
FirewallRules: [{08B88E32-3124-418B-A0BD-209A3E0EC850}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D340C275-19CC-4A62-8886-9553AA2A48F6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\PPHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{2836F156-0C18-4A64-9297-5B438B1ACFE6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\DrawHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{469AFB81-9EFD-49E6-A1A2-A7FC9E37EFA8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
FirewallRules: [UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
FirewallRules: [{B6183BC5-DA39-48EB-86C0-848EB1F7C1B6}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{9BC32188-C56A-4B45-A07E-413C5B1277EB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{69E90987-AFCA-49C8-9F64-C57ED62E8630}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B8015F6-7AB0-4191-A7E6-4A5EF3FB4187}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:77.71 GB) (66%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/14/2019 06:18:20 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (11/14/2019 06:17:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 06:09:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12452,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 06:02:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c117d5
Název chybujícího modulu: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c117d5
Kód výjimky: 0x40000015
Posun chyby: 0x00052d24
ID chybujícího procesu: 0x2358
Čas spuštění chybující aplikace: 0x01d59b0d50f76ec4
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
ID zprávy: bb739b61-d858-48b5-b94b-198176c62492
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/14/2019 04:26:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14444,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 04:19:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 03:50:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5392,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 03:38:55 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 15568; požadovaná velikost: 38744.
System errors:
=============
Error: (11/13/2019 10:50:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/13/2019 10:50:02 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (11/13/2019 10:49:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (11/13/2019 10:49:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (11/13/2019 10:49:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (11/13/2019 10:49:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/13/2019 10:49:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (11/13/2019 10:49:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2019-11-14 18:02:16.366
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.342
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.332
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.247
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 22:52:13.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 22:52:13.446
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 22:52:13.422
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 6SCN42WW 05/02/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 59%
Total physical RAM: 7613.43 MB
Available physical RAM: 3111.47 MB
Total Virtual: 9149.43 MB
Available Virtual: 4442.82 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:77.71 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:85.03 GB) NTFS
Drive e: (Cerna Voda) (CDROM) (Total:1.22 GB) (Free:0 GB) UDF
\\?\Volume{06ae05ca-f5ac-44c3-8fcb-05a3b728dc94}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.55 GB) NTFS
\\?\Volume{b1a6e7c9-a952-4104-9474-15cad919f268}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 28A5D9BC)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: F5425621)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by Filip (administrator) on LAPTOP-KRDM9FQ3 (LENOVO 81AX) (14-11-2019 22:50:06)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApMsgFwd.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\Apoint.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApRemote.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\HidMonitorSvc.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_8f1fe4a9cfb9cf9c\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oki Data Corporation -> ) C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
(Oki Data Corporation -> Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek semiconductor) C:\Windows\RTFTrack.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [603992 2017-06-23] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation -> Oki Data Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-10-18] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [AvastBrowserAutoLaunch_A8AA2AE63066897F290B137CDE2B196A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1829.91\Installer\chrmstp.exe [2019-10-16] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OKI LPR Utility.lnk [2019-10-19]
ShortcutTarget: OKI LPR Utility.lnk -> C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe (Oki Data Corporation -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09149C52-BE43-44C9-A65D-8882192AA78E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {16C04C65-67CD-4420-840B-FE4E4548178A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4c8fdf44-3b25-4d5f-a26a-fcdc657ec312 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {1CADE521-69D9-44FD-853F-04492EBAF892} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1E8C7B41-BA0A-40AF-8CF3-4CC1133DD9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {29CCDAFF-B9DB-4C7D-981A-E4F2D0AD5E3D} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225216 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
Task: {360788D9-F450-4A62-989B-5371D9A1873A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {40E67586-D602-4C27-9E3E-C110CD8609E2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\166ada5d-20b1-415a-b92d-2a1cbe5856b9 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {4688A714-0AF1-455E-9128-FF3E6AECC7D4} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {587C85DB-8E6A-4A82-928C-87A5A02C685F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\35aac27b-cd42-4df4-a742-e21786c532f1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {6A9FEDB5-678F-43A3-B672-AF7885229CCA} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {78CA8D6E-9C6A-4C20-8FE0-60C0B109F1A3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {811D2AD3-F440-4ABD-847B-31E803C53C6A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E69A78A-DAD8-48B2-AE9C-A9994B26B2CC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9C5CD607-B9F2-4155-BF78-36300C53F75E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {A00765E5-4DDF-4252-8551-5C17D47D70F5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AAD76AC7-39A3-417C-821C-1CC9CA3F76F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB89E52B-0DA2-4521-94AF-DF1F1EFBDC15} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {CDC98D23-9C74-4099-B860-1B41B6FBFF17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {E1D1F9AE-E813-4C90-AD6B-FACBA30220BE} - System32\Tasks\RTFTrack => C:\WINDOWS\RTFTrack.exe [5462984 2018-02-06] (Realtek Semiconductor Corp. -> Realtek semiconductor)
Task: {E67323CC-28B6-4AF6-A6AA-66B559BE9AA1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {F38CA4F2-66C7-4E6B-8714-F7FA0134FB9E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE4A8614-57D4-47DE-9582-60D1D1D74C3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{afd7acdf-4d55-4f72-a87c-54f2f81f77f2}: [DhcpNameServer] 172.168.137.2
Tcpip\..\Interfaces\{dd0745eb-901b-4387-bd5a-174c3f643650}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced Helper -> {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} -> C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension
FF Extension: (PDFsam Enhanced Creator) - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2019-09-28] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2019-11-14]
CHR Extension: (Prezentace) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-18]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Tabulky) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_8f1fe4a9cfb9cf9c\aesm_service.exe [3418392 2019-04-09] (Intel(R) Software Development Products -> Intel Corporation)
R2 ApHidMonitorService; C:\WINDOWS\system32\Alps\GlidePoint\HidMonitorSvc.exe [345456 2018-06-13] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-10] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1829.91\elevation_service.exe [984920 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [173136 2019-02-14] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 OpLclSrv; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [181760 2012-03-28] (Oki Data Corporation) [File not signed]
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-10-18] (Geek Software GmbH -> Geek Software GmbH)
S3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2322496 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidFiltr.sys [292768 2018-06-13] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094792 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [198208 2018-03-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8614464 2018-03-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010624 2017-12-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [421312 2017-12-19] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3236808 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-14 22:49 - 2019-11-14 22:49 - 000000000 ___DC C:\Users\Filip\Desktop\FRST-OlderVersion
2019-11-14 18:15 - 2019-11-14 18:15 - 000508911 _____ C:\Users\Filip\Downloads\How_to_set_up_the_OKI_MB451-471w_Wireless_Option_v1.00_tcm3-139577.pdf
2019-11-14 18:06 - 2019-11-14 18:06 - 014972688 _____ C:\Users\Filip\Downloads\MC5(3)x2ES5(3)4x2_ScannerDriver64_102_40135.exe
2019-11-14 18:06 - 2013-05-09 11:40 - 000000000 ____D C:\Users\Filip\Downloads\MC5(3)x2ES5(3)4x2_ScannerDriver64_102
2019-11-14 18:05 - 2019-11-14 18:05 - 002794744 _____ C:\Users\Filip\Downloads\OKW3X04O104x64_40160.exe
2019-11-14 18:05 - 2014-04-15 12:51 - 000000000 ____D C:\Users\Filip\Downloads\OKW3X04O104x64
2019-11-14 18:00 - 2019-11-14 18:19 - 000000036 _____ C:\Users\Filip\AppData\Roaming\opusbext.dat
2019-11-13 16:44 - 2019-11-13 16:44 - 000206310 ____C C:\Users\Filip\Desktop\Bez názvu.pdf
2019-11-13 16:33 - 2019-11-13 22:49 - 000000000 ____D C:\AdwCleaner
2019-11-13 16:32 - 2019-11-13 16:32 - 007622344 _____ (Malwarebytes) C:\Users\Filip\Desktop\adwcleaner_7.4.2.exe
2019-11-13 14:36 - 2019-11-13 14:37 - 000037685 ____C C:\Users\Filip\Desktop\Addition.txt
2019-11-13 14:34 - 2019-11-14 22:50 - 000029799 ____C C:\Users\Filip\Desktop\FRST.txt
2019-11-13 14:34 - 2019-11-14 22:50 - 000000000 ____D C:\FRST
2019-11-13 14:17 - 2019-11-14 22:49 - 002260480 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2019-11-12 22:19 - 2019-11-12 22:19 - 000001168 _____ C:\Users\Public\Desktop\PDF24.lnk
2019-11-12 22:19 - 2019-11-12 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2019-11-12 22:19 - 2019-11-12 22:19 - 000000000 ____D C:\Program Files (x86)\PDF24
2019-10-30 15:39 - 2019-09-23 22:54 - 000206208 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000131448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000098176 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000044440 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2019-10-19 11:18 - 2012-11-21 17:59 - 000033280 _____ (Oki Data Corporation) C:\WINDOWS\system32\oklprrsc.dll
2019-10-19 11:18 - 2012-09-10 15:33 - 000582656 _____ (Oki Data Corporation) C:\WINDOWS\system32\OkDrtPrn.exe
2019-10-19 11:18 - 2012-09-10 14:08 - 000118272 ____N (Oki Data Corporation) C:\WINDOWS\system32\oklchapp.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\okComDLL.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\fxComDLL.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\efComDLL.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) C:\WINDOWS\system32\OkDrtPrn.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000049813 ____N C:\WINDOWS\system32\OKDRTPRN.chm
2019-10-19 11:18 - 2012-05-28 08:54 - 000027136 ____N C:\WINDOWS\system32\OkDPnRes.dll
2019-10-19 11:18 - 2011-04-12 17:05 - 000029696 ____N (Oki Data Corporation) C:\WINDOWS\system32\oklprmon.dll
2019-10-19 11:18 - 2011-04-12 17:02 - 000098304 ____N (Oki Data Corporation) C:\WINDOWS\SysWOW64\oklpinst.dll
2019-10-19 11:17 - 2019-11-14 18:09 - 000000000 ____D C:\Users\Filip\AppData\Roaming\OkiData
2019-10-19 11:17 - 2019-10-19 11:17 - 000002001 _____ C:\Users\Public\Desktop\ActKey.lnk
2019-10-19 11:17 - 2019-10-19 11:17 - 000000000 ____D C:\Program Files (x86)\Okidata
2019-10-19 11:13 - 2019-10-19 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPXMN075.DLL
2019-10-19 11:09 - 2019-10-19 11:09 - 000000000 _____ C:\WINDOWS\NICSettingTool.INI
2019-10-15 20:33 - 2019-10-15 20:33 - 024578944 _____ (Piriform Software Ltd) C:\Users\Filip\Downloads\ccsetup563.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-14 22:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-14 22:40 - 2019-03-14 02:55 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2019-11-14 18:07 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-14 18:07 - 2019-03-18 21:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-14 18:02 - 2019-03-18 21:16 - 000000000 ___DC C:\Users\Filip\AppData\Local\CrashDumps
2019-11-14 16:43 - 2019-03-13 22:18 - 000000000 ____D C:\Users\Filip\.smplayer
2019-11-14 16:33 - 2019-09-22 14:51 - 000003492 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Task
2019-11-14 16:33 - 2019-09-22 14:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-11-14 16:33 - 2019-09-22 14:51 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-14 16:33 - 2019-09-22 14:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-14 16:33 - 2019-09-22 14:51 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-14 16:33 - 2019-09-22 14:51 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3054716200-2897486703-4280449553-1001
2019-11-14 16:33 - 2019-09-22 14:51 - 000002770 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2019-11-14 16:33 - 2019-09-22 14:51 - 000002598 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2019-11-14 16:33 - 2019-09-22 14:51 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-14 16:33 - 2019-09-22 14:51 - 000002024 _____ C:\WINDOWS\system32\Tasks\RTFTrack
2019-11-14 16:33 - 2019-09-22 14:51 - 000002016 _____ C:\WINDOWS\system32\Tasks\RtsCM
2019-11-14 16:24 - 2019-09-22 14:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-14 16:14 - 2019-09-22 14:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-14 15:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-13 23:02 - 2019-03-31 21:27 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-13 22:55 - 2019-09-22 14:54 - 001606102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-13 22:55 - 2019-03-19 12:55 - 000685036 _____ C:\WINDOWS\system32\perfh005.dat
2019-11-13 22:55 - 2019-03-19 12:55 - 000137702 _____ C:\WINDOWS\system32\perfc005.dat
2019-11-13 22:50 - 2019-09-22 14:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-13 22:49 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-13 14:04 - 2019-09-22 14:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-11-13 03:49 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-07 23:56 - 2019-04-25 14:33 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 23:56 - 2019-04-25 14:33 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-06 10:48 - 2019-03-13 14:25 - 000000000 ___DC C:\Users\Filip\AppData\Local\D3DSCache
2019-11-05 15:46 - 2019-04-25 14:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-04 20:56 - 2019-09-22 14:46 - 000002376 ____C C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-04 20:56 - 2019-03-14 02:57 - 000000000 ___RD C:\Users\Filip\OneDrive
2019-11-02 18:47 - 2019-03-14 05:45 - 000000000 ____D C:\ProgramData\Packages
2019-11-02 00:53 - 2019-10-09 18:36 - 000161544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-19 11:18 - 2019-03-30 14:13 - 000000000 ____D C:\Program Files\Okidata
2019-10-16 22:05 - 2019-03-20 19:20 - 000000000 ___DC C:\Users\Filip\AppData\Local\Adobe
2019-10-16 14:32 - 2019-09-22 14:51 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-10-16 14:32 - 2019-09-22 14:51 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-10-16 14:32 - 2019-03-18 17:17 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-10-15 20:35 - 2019-10-05 18:26 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
==================== Files in the root of some directories ========
2019-08-16 16:33 - 2019-08-16 16:33 - 001160736 _____ (NCH Software) C:\Users\Filip\eanimatesetup.exe
2019-06-18 19:17 - 2019-06-18 19:17 - 010094608 _____ () C:\Users\Filip\OKW3C03Z157_243812.exe
2019-08-14 20:06 - 2019-08-14 20:06 - 005239812 _____ () C:\Users\Filip\pf7-setup-en-7.2.1.exe
2019-11-14 18:00 - 2019-11-14 18:19 - 000000036 _____ () C:\Users\Filip\AppData\Roaming\opusbext.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Ran by Filip (14-11-2019 22:51:00)
Running from C:\Users\Filip\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-22 13:52:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3054716200-2897486703-4280449553-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3054716200-2897486703-4280449553-503 - Limited - Disabled)
Filip (S-1-5-21-3054716200-2897486703-4280449553-1001 - Administrator - Enabled) => C:\Users\Filip
Guest (S-1-5-21-3054716200-2897486703-4280449553-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3054716200-2897486703-4280449553-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ActKey (HKLM-x32\...\{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.1.1829.91 - Autoři prohlížeče Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.0.690 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\{DA3BB5D6-55FE-4632-87E3-9E823C67B58B}) (Version: 18.1.690 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit Keys (HKLM\...\{69D1C50E-6E4D-416D-A632-875EB3C5EF8A}) (Version: 18.1.690 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - BR (HKLM-x32\...\{1E6087A4-1715-4B43-9090-A3B1EFD55EF8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Capture (HKLM-x32\...\{32398CCC-C644-487E-B22B-58AE0BE0C7AE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Common (HKLM-x32\...\{796CC87C-5679-49D6-9054-FC56B9232A9A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Connect (HKLM-x32\...\{4454CFA8-C64D-4E4A-A085-18B16E0B8BB9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Custom Data (HKLM-x32\...\{9D72E2C7-CD9C-455C-A0DB-B4D3F7B5B9B1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - CZ (HKLM-x32\...\{FD293F31-2661-4721-BF74-6375EA0CC693}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - DrawHome (HKLM-x32\...\{D1444571-9830-4967-A029-903551A49894}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - EN (HKLM-x32\...\{14F44A6C-3096-4C3F-9039-20741B443EC9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - ES (HKLM-x32\...\{448BF8BB-3961-4A6F-80E3-B65B218DFC47}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Filters (HKLM-x32\...\{289F11C5-B482-42B6-8CA8-FF7502E34A52}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - FR (HKLM-x32\...\{A850C65E-8029-4BBD-9DF8-2A178C51C4EB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM (HKLM-x32\...\{C4DF8B81-6925-4D29-8204-933667E127B4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IPM Content (HKLM-x32\...\{0EC6F0EB-64A9-4A69-B8A2-7CB0779CA7A0}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - IT (HKLM-x32\...\{C64347EA-C44C-4A4D-81BC-19EBDD6E8743}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - NL (HKLM-x32\...\{42FCF1AB-3A84-4AAE-9B0D-8550A803F8F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PL (HKLM-x32\...\{490919E0-2440-4362-BA75-D6350F7A1AEF}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - PPHome (HKLM-x32\...\{04BBF42B-CCEC-44C6-8DE1-9B3F3ECB6181}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Redist (HKLM-x32\...\{F6B3E5CE-2DCD-4663-9A21-B00872AE17D9}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - RU (HKLM-x32\...\{A1F3007B-B716-40C4-9F3C-C81A77926EDE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Setup Files (HKLM-x32\...\{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VBA (HKLM-x32\...\{6268A84D-604F-4085-ADB1-634FCE8BA965}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - VideoBrowser (HKLM-x32\...\{A5E75F35-0DFB-4F1F-BB1E-C8B2B2F3B4BA}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 - Writing Tools (HKLM-x32\...\{7135E09C-980F-4373-B211-04B05C996113}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\_{3F0816AB-BA66-4B2F-933A-B533EFBC0098}) (Version: 18.1.0.690 - Corel Corporation)
CorelDRAW Home & Student Suite X8 (HKLM-x32\...\{05718EEC-DE09-454E-9D62-3152254742F1}) (Version: 18.1 - Corel Corporation) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6373 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
IPM_Common_x86 (HKLM-x32\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.11.552 - Your Company Name) Hidden
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.82.00.18 - Lenovo)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
OKI ActKey (HKLM-x32\...\InstallShield_{681B82EF-A457-4849-AABC-5B6099380FA5}) (Version: 1.7.1.0 - Oki Data Corporation)
OKI Alert Info (HKLM-x32\...\{9427081E-AC7E-49D4-964F-E2E27C7175BF}) (Version: 1.3.3 - Okidata)
OKI Color Correct Utility (HKLM-x32\...\{5D729200-F340-4A74-A1E9-32387CDC63EF}) (Version: 2.17.2 - Okidata)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.12 - Okidata)
OKI Configuration Tool (HKLM-x32\...\{0F55DD09-15EC-4F5D-B517-94852884AEF5}) (Version: 1.6.11 - Okidata)
OKI Device Setting (HKLM-x32\...\{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}) (Version: 1.6.11 - Okidata)
OKI LPR Utility (HKLM-x32\...\{465914BD-324C-4442-A9F6-E9347AB38EB8}) (Version: 5.1.0 - Okidata)
OKI MC5(3)x2/ES5(3)4x2 Scanner (HKLM-x32\...\InstallShield_{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation)
OKI Network Setting (HKLM-x32\...\{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}) (Version: 1.0.5 - Okidata)
OKI PDF Print Direct (HKLM-x32\...\{2CA86624-3491-4B2D-B64E-01D2D25AA732}) (Version: 3.4.8 - Okidata)
OKI Storage Manager (HKLM-x32\...\{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}) (Version: 1.0.8 - Okidata)
OKI User Setting (HKLM-x32\...\{C8244493-32A4-4275-8145-D16FFE1D8E36}) (Version: 1.4.7 - Okidata)
PDF24 Creator 9.0.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFsam Enhanced (HKLM-x32\...\PDFsam Enhanced) (Version: 3.0.31.29080 - Copyright 2016 Andrea Vacondio)
PDFsam Enhanced Asian Fonts Pack (HKLM\...\{817881FA-BD07-4A50-8F77-DA9AA6009093}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Convert Module (HKLM\...\{C3946663-4609-4158-A3AD-B9BFB16496F1}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Create Module (HKLM\...\{F790A93F-B881-4316-BDB4-D02783850695}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Edit Module (HKLM\...\{C584AD88-AFC9-4030-B391-49C0D04F6F1A}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Forms Module (HKLM\...\{3CAC256B-9C84-44F4-AC26-50B07FEA56B6}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Insert Module (HKLM\...\{A06D8CE0-76AA-4968-AC8B-221BE5128646}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced OCR Module (HKLM\...\{B83B283F-87BB-4C61-8F50-E45EDD0C7C8C}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Review Module (HKLM\...\{35AF9861-0E3C-4C81-AFCC-73461EBC00B7}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced Secure Module (HKLM\...\{3B633A35-AE66-4AC3-B4A1-D2ED2594D368}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PDFsam Enhanced View Module (HKLM\...\{972049F9-650B-4430-82ED-6080470D27BA}) (Version: 3.1.14.28668 - Andrea Vacondio) Hidden
PhotoFiltre 7 (HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\PhotoFiltre 7) (Version: - )
ScannerDriver (HKLM\...\{14915907-DB64-49DC-BB9D-1935D38CD250}) (Version: 1.0.2.0 - Oki Data Corporation) Hidden
SMPlayer 19.1.0 (HKLM-x32\...\SMPlayer) (Version: 19.1.0 - Ricardo Villalba)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.23.7.0_x86__kgqvnymyfvs32 [2019-10-23] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1630.7.0_x86__kgqvnymyfvs32 [2019-11-06] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_6.0.0.3_x86__m9bz608c1b9ra [2019-10-09] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-05] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-15] (Microsoft Corporation)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-15] (Fitbit)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.1910.16.0_x64__k1h2ywk1493x8 [2019-11-02] (LENOVO INC.)
LenovoUtility -> C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4 [2019-08-03] (LENOVO INC) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-13] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-13] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-13] (Microsoft Corporation) [MS Ad]
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.12130.20272.0_x86__8wekyb3d8bbwe [2019-11-02] (Microsoft Corporation)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-11] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.16.0_x64__nfy108tqq3p12 [2019-09-26] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-07] (Microsoft Corporation) [MS Ad]
Power2Go for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.Power2GoforLenovo_8.0.9516.0_x86__m916jedk64snt [2019-03-13] (CYBERLINKCOM CORPORATION) [Startup Task]
PowerDVD for Lenovo -> C:\Program Files\WindowsApps\CyberLinkCorp.th.PowerDVDforLenovo_14.1.9528.0_x86__m916jedk64snt [2019-03-13] (CYBERLINKCOM CORPORATION)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-26] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PDF Print Direct] -> {C15F7681-33D8-11D3-A09B-00500402F30B} => C:\Windows\System32\OkDrtPrn.dll [2012-05-28] (Oki Data Corporation) [File not signed]
ContextMenuHandlers1: [PDFsamEnhanced_ManagerExt] -> {9ADBE344-48D8-4317-8CD7-13DA9095B33B} => C:\Program Files\PDFsam Enhanced\creator-context-menu.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxDTCM.dll [2019-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarget/?target=marketplace&edition=eid=13472&utm_medium=desktop&x-pos=Metro
==================== Loaded Modules (Whitelisted) =============
2019-10-12 11:00 - 2019-10-12 11:00 - 000369152 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\b941fa3940bc5ba9ea54021b48194366\Interop.CxHDAudioAPILib.ni.dll
2019-10-12 11:00 - 2019-10-12 11:00 - 000018944 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxUtilSvcLib\14be78a633c55eb6181fab1dbe684d20\Interop.CxUtilSvcLib.ni.dll
2019-09-03 15:12 - 2019-05-28 14:06 - 001021440 _____ () [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\LenovoWiFiSecurityPlugin\x86\x86\e_sqlite3.dll
2019-09-22 14:58 - 2017-07-05 19:36 - 001168384 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2011-08-23 14:33 - 2011-08-23 14:33 - 000163840 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\NCRes.dll
2010-01-22 16:22 - 2010-01-22 16:22 - 000032768 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\OPCOMAPI.dll
2011-08-19 12:15 - 2011-08-19 12:15 - 000188416 _____ (Oki Data Corporation) [File not signed] C:\Program Files (x86)\Okidata\ActKey\Scanner Assist\Scanner Assist.dll
2019-10-19 11:18 - 2010-04-21 13:04 - 000167424 ____N (Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\opnetdsc.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) [File not signed] C:\Windows\System32\OkDrtPrn.dll
2019-10-19 11:18 - 2011-04-12 17:05 - 000029696 ____N (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\oklprmon.dll
2019-10-19 11:18 - 2012-11-21 17:59 - 000033280 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\SYSTEM32\oklprrsc.dll
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) [File not signed] C:\WINDOWS\System32\OPXMN075.DLL
2019-09-18 20:04 - 2019-06-08 15:48 - 001257472 _____ (Robert Simpson, et al.) [File not signed] C:\ProgramData\Lenovo\iMController\Plugins\GenericMessagingPlugin\x86\x86\SQLite.Interop.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2019-05-31 19:02 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Filip\Desktop\chomutov_1920x1080.jpg
DNS Servers: 10.255.255.10 - 10.255.255.20
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A7806D7F-F3E2-4234-9746-7E0F5E925AB1}] => (Allow) LPort=1900
FirewallRules: [{7ABAD88C-C188-4E1B-ABD9-38486F908D26}] => (Allow) LPort=2869
FirewallRules: [{08B88E32-3124-418B-A0BD-209A3E0EC850}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D340C275-19CC-4A62-8886-9553AA2A48F6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\PPHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{2836F156-0C18-4A64-9297-5B438B1ACFE6}] => (Block) c:\Program Files (x86)\Corel\CorelDRAW Home & Student Suite X8\Programs\DrawHome.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{469AFB81-9EFD-49E6-A1A2-A7FC9E37EFA8}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
FirewallRules: [UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
FirewallRules: [{B6183BC5-DA39-48EB-86C0-848EB1F7C1B6}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{9BC32188-C56A-4B45-A07E-413C5B1277EB}] => (Allow) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe (Oki Data Corporation -> Oki Data Corporation)
FirewallRules: [{69E90987-AFCA-49C8-9F64-C57ED62E8630}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.12130.20272.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B8015F6-7AB0-4191-A7E6-4A5EF3FB4187}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:118 GB) (Free:77.71 GB) (66%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/14/2019 06:18:20 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).
Error: (11/14/2019 06:17:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11720,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 06:09:03 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12452,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 06:02:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c117d5
Název chybujícího modulu: jucheck.exe, verze: 2.8.60.27, časové razítko: 0x55c117d5
Kód výjimky: 0x40000015
Posun chyby: 0x00052d24
ID chybujícího procesu: 0x2358
Čas spuštění chybující aplikace: 0x01d59b0d50f76ec4
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
ID zprávy: bb739b61-d858-48b5-b94b-198176c62492
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/14/2019 04:26:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14444,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 04:19:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1208,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 03:50:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5392,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).
Error: (11/14/2019 03:38:55 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 15568; požadovaná velikost: 38744.
System errors:
=============
Error: (11/13/2019 10:50:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (11/13/2019 10:50:02 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD
Error: (11/13/2019 10:49:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (11/13/2019 10:49:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (11/13/2019 10:49:43 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.
Cesta k modulu: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error: (11/13/2019 10:49:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (11/13/2019 10:49:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.
Error: (11/13/2019 10:49:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
CodeIntegrity:
===================================
Date: 2019-11-14 18:02:16.366
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.356
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.342
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.332
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-14 18:02:16.247
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 22:52:13.458
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 22:52:13.446
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2019-11-13 22:52:13.422
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO 6SCN42WW 05/02/2019
Motherboard: LENOVO LNVNB161216
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 59%
Total physical RAM: 7613.43 MB
Available physical RAM: 3111.47 MB
Total Virtual: 9149.43 MB
Available Virtual: 4442.82 MB
==================== Drives ================================
Drive c: (Windows-SSD) (Fixed) (Total:118 GB) (Free:77.71 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:85.03 GB) NTFS
Drive e: (Cerna Voda) (CDROM) (Total:1.22 GB) (Free:0 GB) UDF
\\?\Volume{06ae05ca-f5ac-44c3-8fcb-05a3b728dc94}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.55 GB) NTFS
\\?\Volume{b1a6e7c9-a952-4104-9474-15cad919f268}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 28A5D9BC)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: F5425621)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by Filip (administrator) on LAPTOP-KRDM9FQ3 (LENOVO 81AX) (14-11-2019 22:50:06)
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApMsgFwd.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApntEx.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\Apoint.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\ApRemote.exe
(ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.) C:\Windows\System32\Alps\GlidePoint\HidMonitorSvc.exe
(ANDREA VACONDIO -> Andrea Vacondio) C:\Program Files\PDFsam Enhanced\creator-ws.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SAII\CxUtilSvc.exe
(Conexant Systems, Inc) [File not signed] C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.342\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_3c52303c2514de7e\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_8f1fe4a9cfb9cf9c\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.CompanionApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO INC) C:\Program Files\WindowsApps\E0469640.LenovoUtility_3.0.54.0_x64__5grkq8ppsgwt4\VFS\ProgramFilesX64\Lenovo\LenovoUtility\utility.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11911.1001.9.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oki Data Corporation -> ) C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe
(Oki Data Corporation -> Oki Data Corporation) C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe
(Oki Data Corporation) [File not signed] C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek semiconductor) C:\Windows\RTFTrack.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [603992 2017-06-23] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [Network Configuration] => C:\Program Files (x86)\Okidata\ActKey\Network Configuration.exe [725280 2012-08-27] (Oki Data Corporation -> Oki Data Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-10-18] (Geek Software GmbH -> Geek Software GmbH)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [AvastBrowserAutoLaunch_A8AA2AE63066897F290B137CDE2B196A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.97\Installer\chrmstp.exe [2019-11-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1829.91\Installer\chrmstp.exe [2019-10-16] (AVAST Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OKI LPR Utility.lnk [2019-10-19]
ShortcutTarget: OKI LPR Utility.lnk -> C:\Program Files\Okidata\OKI LPR Utility\okilpr.exe (Oki Data Corporation -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09149C52-BE43-44C9-A65D-8882192AA78E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {16C04C65-67CD-4420-840B-FE4E4548178A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4c8fdf44-3b25-4d5f-a26a-fcdc657ec312 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {1CADE521-69D9-44FD-853F-04492EBAF892} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1E8C7B41-BA0A-40AF-8CF3-4CC1133DD9F6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {29CCDAFF-B9DB-4C7D-981A-E4F2D0AD5E3D} - System32\Tasks\RtsCM => C:\WINDOWS\RtsCM64.exe [225216 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
Task: {360788D9-F450-4A62-989B-5371D9A1873A} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1869816 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
Task: {40E67586-D602-4C27-9E3E-C110CD8609E2} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\166ada5d-20b1-415a-b92d-2a1cbe5856b9 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {4688A714-0AF1-455E-9128-FF3E6AECC7D4} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {587C85DB-8E6A-4A82-928C-87A5A02C685F} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\35aac27b-cd42-4df4-a742-e21786c532f1 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {6A9FEDB5-678F-43A3-B672-AF7885229CCA} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {78CA8D6E-9C6A-4C20-8FE0-60C0B109F1A3} - System32\Tasks\LenovoUtility Task => C:\Windows\explorer.exe lenovo-utility://
Task: {811D2AD3-F440-4ABD-847B-31E803C53C6A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-09-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {8E69A78A-DAD8-48B2-AE9C-A9994B26B2CC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {9C5CD607-B9F2-4155-BF78-36300C53F75E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {A00765E5-4DDF-4252-8551-5C17D47D70F5} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {AAD76AC7-39A3-417C-821C-1CC9CA3F76F4} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
Task: {AB89E52B-0DA2-4521-94AF-DF1F1EFBDC15} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {CDC98D23-9C74-4099-B860-1B41B6FBFF17} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-25] (Google Inc -> Google LLC)
Task: {E1D1F9AE-E813-4C90-AD6B-FACBA30220BE} - System32\Tasks\RTFTrack => C:\WINDOWS\RTFTrack.exe [5462984 2018-02-06] (Realtek Semiconductor Corp. -> Realtek semiconductor)
Task: {E67323CC-28B6-4AF6-A6AA-66B559BE9AA1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54144 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
Task: {F38CA4F2-66C7-4E6B-8714-F7FA0134FB9E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FE4A8614-57D4-47DE-9582-60D1D1D74C3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{afd7acdf-4d55-4f72-a87c-54f2f81f77f2}: [DhcpNameServer] 172.168.137.2
Tcpip\..\Interfaces\{dd0745eb-901b-4387-bd5a-174c3f643650}: [DhcpNameServer] 10.255.255.10 10.255.255.20
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: PDFsam Enhanced Helper -> {6401BC8F-9AD0-430B-BF2C-2A34B0E98466} -> C:\Program Files (x86)\PDFsam Enhanced\creator-ie-helper.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM-x32 - PDFsam Enhanced Toolbar - {AD42CFE2-C0AD-487E-8224-C2AEF09F4CEB} - C:\Program Files (x86)\PDFsam Enhanced\creator-ie-plugin.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdfsam_enhanced_conv@pdfsam.com] - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension
FF Extension: (PDFsam Enhanced Creator) - C:\Program Files\PDFsam Enhanced\resources\pdfsamenhancedfirefoxextension [2019-09-28] [Legacy] [not signed]
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2019-07-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-05] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDFsam Enhanced -> C:\Program Files (x86)\PDFsam Enhanced\np-previewer.dll [2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default [2019-11-14]
CHR Extension: (Prezentace) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Dokumenty) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Disk Google) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-18]
CHR Extension: (YouTube) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Tabulky) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\Filip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AESMService; C:\WINDOWS\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_8f1fe4a9cfb9cf9c\aesm_service.exe [3418392 2019-04-09] (Intel(R) Software Development Products -> Intel Corporation)
R2 ApHidMonitorService; C:\WINDOWS\system32\Alps\GlidePoint\HidMonitorSvc.exe [345456 2018-06-13] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-10] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2019-03-18] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\77.1.1829.91\elevation_service.exe [984920 2019-09-25] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 CxUtilSvc; C:\Program Files\Conexant\SAII\CxUtilSvc.exe [173136 2019-02-14] (Conexant Systems LLC -> Conexant Systems, Inc.)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1705040 2017-11-08] (Intel Corporation -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [77208 2019-09-23] (Lenovo -> Lenovo Group Ltd.)
R3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_31a8dbbf39dcdc3b\jhi_service.exe [647568 2019-04-30] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 OpLclSrv; C:\Program Files\Okidata\Common\Extend3\portmgrsrv.exe [181760 2012-03-28] (Oki Data Corporation) [File not signed]
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [487048 2019-10-18] (Geek Software GmbH -> Geek Software GmbH)
S3 PDFsam Enhanced; C:\Program Files\PDFsam Enhanced\ws.exe [2322496 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
S3 PDFsam Enhanced CrashHandler; C:\Program Files\PDFsam Enhanced\crash-handler-ws.exe [921664 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PDFsam Enhanced Creator; C:\Program Files\PDFsam Enhanced\creator-ws.exe [734272 2016-07-06] (ANDREA VACONDIO -> Andrea Vacondio)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 SAService; C:\WINDOWS\system32\SAsrv.exe [416576 2016-10-27] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidFiltr.sys [292768 2018-06-13] (ALPS ELECTRIC CO., LTD. -> Alps Electric Co., Ltd.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-02] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-09] (AVAST Software s.r.o. -> AVAST Software)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69536 2017-11-08] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [382880 2017-11-08] (Intel Corporation -> Intel Corporation)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1094792 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [198208 2018-03-29] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [8614464 2018-03-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010624 2017-12-21] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [421312 2017-12-19] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3236808 2018-02-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-14 22:49 - 2019-11-14 22:49 - 000000000 ___DC C:\Users\Filip\Desktop\FRST-OlderVersion
2019-11-14 18:15 - 2019-11-14 18:15 - 000508911 _____ C:\Users\Filip\Downloads\How_to_set_up_the_OKI_MB451-471w_Wireless_Option_v1.00_tcm3-139577.pdf
2019-11-14 18:06 - 2019-11-14 18:06 - 014972688 _____ C:\Users\Filip\Downloads\MC5(3)x2ES5(3)4x2_ScannerDriver64_102_40135.exe
2019-11-14 18:06 - 2013-05-09 11:40 - 000000000 ____D C:\Users\Filip\Downloads\MC5(3)x2ES5(3)4x2_ScannerDriver64_102
2019-11-14 18:05 - 2019-11-14 18:05 - 002794744 _____ C:\Users\Filip\Downloads\OKW3X04O104x64_40160.exe
2019-11-14 18:05 - 2014-04-15 12:51 - 000000000 ____D C:\Users\Filip\Downloads\OKW3X04O104x64
2019-11-14 18:00 - 2019-11-14 18:19 - 000000036 _____ C:\Users\Filip\AppData\Roaming\opusbext.dat
2019-11-13 16:44 - 2019-11-13 16:44 - 000206310 ____C C:\Users\Filip\Desktop\Bez názvu.pdf
2019-11-13 16:33 - 2019-11-13 22:49 - 000000000 ____D C:\AdwCleaner
2019-11-13 16:32 - 2019-11-13 16:32 - 007622344 _____ (Malwarebytes) C:\Users\Filip\Desktop\adwcleaner_7.4.2.exe
2019-11-13 14:36 - 2019-11-13 14:37 - 000037685 ____C C:\Users\Filip\Desktop\Addition.txt
2019-11-13 14:34 - 2019-11-14 22:50 - 000029799 ____C C:\Users\Filip\Desktop\FRST.txt
2019-11-13 14:34 - 2019-11-14 22:50 - 000000000 ____D C:\FRST
2019-11-13 14:17 - 2019-11-14 22:49 - 002260480 _____ (Farbar) C:\Users\Filip\Desktop\FRST64.exe
2019-11-12 22:19 - 2019-11-12 22:19 - 000001168 _____ C:\Users\Public\Desktop\PDF24.lnk
2019-11-12 22:19 - 2019-11-12 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2019-11-12 22:19 - 2019-11-12 22:19 - 000000000 ____D C:\Program Files (x86)\PDF24
2019-10-30 15:39 - 2019-09-23 22:54 - 000206208 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000131448 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000098176 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-10-30 15:39 - 2019-09-23 22:54 - 000044440 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2019-10-19 11:18 - 2012-11-21 17:59 - 000033280 _____ (Oki Data Corporation) C:\WINDOWS\system32\oklprrsc.dll
2019-10-19 11:18 - 2012-09-10 15:33 - 000582656 _____ (Oki Data Corporation) C:\WINDOWS\system32\OkDrtPrn.exe
2019-10-19 11:18 - 2012-09-10 14:08 - 000118272 ____N (Oki Data Corporation) C:\WINDOWS\system32\oklchapp.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\okComDLL.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\fxComDLL.dll
2019-10-19 11:18 - 2012-05-28 14:54 - 000004096 _____ (Oki Data Corporation) C:\WINDOWS\system32\efComDLL.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000265216 ____N (Oki Data Corporation) C:\WINDOWS\system32\OkDrtPrn.dll
2019-10-19 11:18 - 2012-05-28 08:54 - 000049813 ____N C:\WINDOWS\system32\OKDRTPRN.chm
2019-10-19 11:18 - 2012-05-28 08:54 - 000027136 ____N C:\WINDOWS\system32\OkDPnRes.dll
2019-10-19 11:18 - 2011-04-12 17:05 - 000029696 ____N (Oki Data Corporation) C:\WINDOWS\system32\oklprmon.dll
2019-10-19 11:18 - 2011-04-12 17:02 - 000098304 ____N (Oki Data Corporation) C:\WINDOWS\SysWOW64\oklpinst.dll
2019-10-19 11:17 - 2019-11-14 18:09 - 000000000 ____D C:\Users\Filip\AppData\Roaming\OkiData
2019-10-19 11:17 - 2019-10-19 11:17 - 000002001 _____ C:\Users\Public\Desktop\ActKey.lnk
2019-10-19 11:17 - 2019-10-19 11:17 - 000000000 ____D C:\Program Files (x86)\Okidata
2019-10-19 11:13 - 2019-10-19 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Okidata
2019-10-19 11:12 - 2012-11-06 10:49 - 000167936 _____ (Oki Data Corporation) C:\WINDOWS\system32\OPXMN075.DLL
2019-10-19 11:09 - 2019-10-19 11:09 - 000000000 _____ C:\WINDOWS\NICSettingTool.INI
2019-10-15 20:33 - 2019-10-15 20:33 - 024578944 _____ (Piriform Software Ltd) C:\Users\Filip\Downloads\ccsetup563.exe
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-11-14 22:40 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-14 22:40 - 2019-03-14 02:55 - 000000000 __SHD C:\Users\Filip\IntelGraphicsProfiles
2019-11-14 18:07 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-14 18:07 - 2019-03-18 21:17 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-14 18:02 - 2019-03-18 21:16 - 000000000 ___DC C:\Users\Filip\AppData\Local\CrashDumps
2019-11-14 16:43 - 2019-03-13 22:18 - 000000000 ____D C:\Users\Filip\.smplayer
2019-11-14 16:33 - 2019-09-22 14:51 - 000003492 _____ C:\WINDOWS\system32\Tasks\LenovoUtility Task
2019-11-14 16:33 - 2019-09-22 14:51 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-11-14 16:33 - 2019-09-22 14:51 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-14 16:33 - 2019-09-22 14:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-11-14 16:33 - 2019-09-22 14:51 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-14 16:33 - 2019-09-22 14:51 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3054716200-2897486703-4280449553-1001
2019-11-14 16:33 - 2019-09-22 14:51 - 000002770 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2019-11-14 16:33 - 2019-09-22 14:51 - 000002598 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTaskCore
2019-11-14 16:33 - 2019-09-22 14:51 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-11-14 16:33 - 2019-09-22 14:51 - 000002024 _____ C:\WINDOWS\system32\Tasks\RTFTrack
2019-11-14 16:33 - 2019-09-22 14:51 - 000002016 _____ C:\WINDOWS\system32\Tasks\RtsCM
2019-11-14 16:24 - 2019-09-22 14:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-11-14 16:14 - 2019-09-22 14:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-14 15:40 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-13 23:02 - 2019-03-31 21:27 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-11-13 22:55 - 2019-09-22 14:54 - 001606102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-13 22:55 - 2019-03-19 12:55 - 000685036 _____ C:\WINDOWS\system32\perfh005.dat
2019-11-13 22:55 - 2019-03-19 12:55 - 000137702 _____ C:\WINDOWS\system32\perfc005.dat
2019-11-13 22:50 - 2019-09-22 14:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-13 22:49 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-11-13 14:04 - 2019-09-22 14:51 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-11-13 03:49 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-07 23:56 - 2019-04-25 14:33 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-07 23:56 - 2019-04-25 14:33 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-11-06 10:48 - 2019-03-13 14:25 - 000000000 ___DC C:\Users\Filip\AppData\Local\D3DSCache
2019-11-05 15:46 - 2019-04-25 14:32 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-04 20:56 - 2019-09-22 14:46 - 000002376 ____C C:\Users\Filip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-04 20:56 - 2019-03-14 02:57 - 000000000 ___RD C:\Users\Filip\OneDrive
2019-11-02 18:47 - 2019-03-14 05:45 - 000000000 ____D C:\ProgramData\Packages
2019-11-02 00:53 - 2019-10-09 18:36 - 000161544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-19 11:18 - 2019-03-30 14:13 - 000000000 ____D C:\Program Files\Okidata
2019-10-16 22:05 - 2019-03-20 19:20 - 000000000 ___DC C:\Users\Filip\AppData\Local\Adobe
2019-10-16 14:32 - 2019-09-22 14:51 - 000003856 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2019-10-16 14:32 - 2019-09-22 14:51 - 000003272 _____ C:\WINDOWS\system32\Tasks\Avast Secure Browser Heartbeat Task (Logon)
2019-10-16 14:32 - 2019-03-18 17:17 - 000002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2019-10-15 20:35 - 2019-10-05 18:26 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
==================== Files in the root of some directories ========
2019-08-16 16:33 - 2019-08-16 16:33 - 001160736 _____ (NCH Software) C:\Users\Filip\eanimatesetup.exe
2019-06-18 19:17 - 2019-06-18 19:17 - 010094608 _____ () C:\Users\Filip\OKW3C03Z157_243812.exe
2019-08-14 20:06 - 2019-08-14 20:06 - 005239812 _____ () C:\Users\Filip\pf7-setup-en-7.2.1.exe
2019-11-14 18:00 - 2019-11-14 18:19 - 000000036 _____ () C:\Users\Filip\AppData\Roaming\opusbext.dat
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Prosím o kontrolu
Otvor poznamkovy blok (Win+R -> notepad -> enter)
- Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:
Kód: Vybrat vše
Start CloseProcesses: CreateRestorePoint: PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum CMD: dir "C:\Program Files\McAfee" HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL = SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL = S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X] C:\Program Files\McAfee 2019-11-14 22:49 - 2019-11-14 22:49 - 000000000 ___DC C:\Users\Filip\Desktop\FRST-OlderVersion ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File FirewallRules: [TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File FirewallRules: [UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File Hosts: EmptyTemp: End - Uloz na plochu s nazvom fixlist.txt
- Spusti znovu FRST a klikni na Fix
- Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
- Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Filip (16-11-2019 07:54:23) Run:1
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: dir "C:\Program Files\McAfee"
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
C:\Program Files\McAfee
2019-11-14 22:49 - 2019-11-14 22:49 - 000000000 ___DC C:\Users\Filip\Desktop\FRST-OlderVersion
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
FirewallRules: [UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Error: (0) Failed to create a restore point.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 38
Average :
Sum : 302394927
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========= dir "C:\Program Files\McAfee" =========
Volume in drive C is Windows-SSD
Volume Serial Number is 74FC-205A
Directory of C:\Program Files
File Not Found
========= End of CMD: =========
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB2CDC60-135E-4C2C-B92D-D9C66595695F} => removed successfully
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => removed successfully
McAfee WebAdvisor => service removed successfully
"C:\Program Files\McAfee" => not found
C:\Users\Filip\Desktop\FRST-OlderVersion => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38040307 B
Java, Flash, Steam htmlcache => 321 B
Windows/system/drivers => 381308 B
Edge => 151316 B
Chrome => 405700747 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11456 B
NetworkService => 11456 B
Filip => 32458878 B
RecycleBin => 0 B
EmptyTemp: => 464.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:55:33 ====
Ran by Filip (16-11-2019 07:54:23) Run:1
Running from C:\Users\Filip\Desktop
Loaded Profiles: Filip (Available Profiles: Filip)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:
PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: dir "C:\Program Files\McAfee"
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> DefaultScope {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
SearchScopes: HKU\S-1-5-21-3054716200-2897486703-4280449553-1001 -> {AB2CDC60-135E-4C2C-B92D-D9C66595695F} URL =
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
C:\Program Files\McAfee
2019-11-14 22:49 - 2019-11-14 22:49 - 000000000 ___DC C:\Users\Filip\Desktop\FRST-OlderVersion
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
FirewallRules: [UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe] => (Allow) E:\utilities\nicsetup\nicsettingtool.exe No File
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
Error: (0) Failed to create a restore point.
========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========
Count : 38
Average :
Sum : 302394927
Maximum :
Minimum :
Property : Length
========= End of Powershell: =========
========= dir "C:\Program Files\McAfee" =========
Volume in drive C is Windows-SSD
Volume Serial Number is 74FC-205A
Directory of C:\Program Files
File Not Found
========= End of CMD: =========
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3054716200-2897486703-4280449553-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AB2CDC60-135E-4C2C-B92D-D9C66595695F} => removed successfully
HKLM\System\CurrentControlSet\Services\McAfee WebAdvisor => removed successfully
McAfee WebAdvisor => service removed successfully
"C:\Program Files\McAfee" => not found
C:\Users\Filip\Desktop\FRST-OlderVersion => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{8B92D363-D88D-4A44-AD57-852BDB26431E}E:\utilities\nicsetup\nicsettingtool.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{EC4F8FAD-583F-4209-98AF-5BE9733E743B}E:\utilities\nicsetup\nicsettingtool.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
=========== EmptyTemp: ==========
BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 38040307 B
Java, Flash, Steam htmlcache => 321 B
Windows/system/drivers => 381308 B
Edge => 151316 B
Chrome => 405700747 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 11456 B
NetworkService => 11456 B
Filip => 32458878 B
RecycleBin => 0 B
EmptyTemp: => 464.7 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 07:55:33 ====
Re: Prosím o kontrolu
Ako to vyzera s PC? Su nejake problemy? V PC je nainstalovana zastarala verzia Javy (Java 8 Update 60), odporucam odinstalovat. Ak Javu potrebujes, nainstaluj aktualnu verziu z https://java.com/en/download/ V zlozke C:\Users\Filip sa nachadzaju 3 instalacky. Ak ich potrebujes, je vhodne presunut ich skor do dokumentov alebo inej zlozky (ak ich nepotrebujes tak mozes ich rovno zmazat):C:\Users\Filip\eanimatesetup.exe
C:\Users\Filip\OKW3C03Z157_243812.exe
C:\Users\Filip\pf7-setup-en-7.2.1.exe
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
Vše smazáno. Problémy nenacházím.
Ještě scan?
Ještě scan?
Re: Prosím o kontrolu
Tak este upraceme po pouzitych nastrojoch:
- Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
- Uloz na plochu a spusti
- Nechaj oznacenu moznost "Remove disinfection tools"
- Klikni na "Run"
Absolvent skoly pre novacikov
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
E-mail: conder (zavinac) forum.viry.cz
Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).
Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.
V pripade spokojnosti je mozne podporit forum. Dakujeme!
Re: Prosím o kontrolu
# DelFix v1.013 - Logfile created 18/11/2019 at 20:11:36
# Updated 17/04/2016 by Xplode
# Username : Filip - LAPTOP-KRDM9FQ3
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Filip\Desktop\Addition.txt
Deleted : C:\Users\Filip\Desktop\adwcleaner_7.4.2.exe
Deleted : C:\Users\Filip\Desktop\Fixlog.txt
Deleted : C:\Users\Filip\Desktop\FRST.txt
Deleted : C:\Users\Filip\Desktop\FRST64.exe
########## - EOF - ##########
# Updated 17/04/2016 by Xplode
# Username : Filip - LAPTOP-KRDM9FQ3
# Operating System : Windows 10 Home (64 bits)
~ Removing disinfection tools ...
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Filip\Desktop\Addition.txt
Deleted : C:\Users\Filip\Desktop\adwcleaner_7.4.2.exe
Deleted : C:\Users\Filip\Desktop\Fixlog.txt
Deleted : C:\Users\Filip\Desktop\FRST.txt
Deleted : C:\Users\Filip\Desktop\FRST64.exe
########## - EOF - ##########
Přispějete na provoz fóra?