rolování oken

bara1317 · Příspěvekod **bara1317** » 12 lis 2017 23:24

RogueKiller V12.11.23.0 (x64) [Nov 6 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : barbara [Práva správce]
Started from : C:\Users\barbara\Downloads\RogueKiller_portable64.exe
Mód : Smazat -- Datum : 11/12/2017 22:35:00 (Duration : 00:44:10)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 8 ¤¤¤
[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\IM -> Nevybráno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\IM -> Nevybráno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com/?pc=LCJB -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com/?pc=LCJB -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 78.157.167.7 78.157.167.57 192.168.100.1 ([-][CZ][-]) -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4236D1C1-F566-4FBB-9344-085B2C594350} | DhcpNameServer : 78.157.167.7 78.157.167.57 192.168.100.1 ([-][CZ][-]) -> Nevybráno

¤¤¤ Úlohy : 7 ¤¤¤
[Hj.Shortcut] \{2E00D0C2-0017-4B51-8C07-D74F42013D35} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.40.0.103/cs ... Error=1603) -> Smazáno
[Hj.Shortcut] \{39F9F9B3-A552-41CC-85CE-5D80253B0A6E} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.39.0.102/cs ... Error=1603) -> Smazáno
[Hj.Shortcut] \{78823520-0F9B-49C2-B44D-8948FC9CB709} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.40.0.103/cs ... Error=1603) -> Smazáno
[Hj.Shortcut] \{87888B13-A43B-489B-8DBC-5C5A2B153648} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.40.0.103/cs ... Error=1603) -> Smazáno
[Hj.Shortcut] \{921E8FFB-99F2-4FE4-93B0-C1923ABC21F6} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.40.0.103/cs ... Error=1603) -> Smazáno
[Hj.Shortcut] \{E93AFDE2-1420-4743-938B-82681613EA62} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.40.0.104/x1 ... age=tsMain) -> Smazáno
[Hj.Shortcut] \{F8E2B8DE-2F01-4B3C-9E48-FF2289A64593} -- "c:\program files (x86)\google\chrome\application\chrome.exe" (https://ui.skype.com/ui/0/7.39.0.102/cs ... Error=1603) -> Smazáno

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 1 ¤¤¤
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://seznam.cz/] -> Nevybráno

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10S21X-24R1BT0-SSHD-8GB +++++
--- User ---
[MBR] 3fa9951399542eda3bc2780dab7b6447
[BSP] fa5eef9ef427d9aaa4611299160d8974 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 305475 MB
5 - Basic data partition | Offset (sectors): 630505472 | Size: 604165 MB
6 - Basic data partition | Offset (sectors): 1867835392 | Size: 25600 MB
7 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1920264192 | Size: 16240 MB
User = LL1 ... OK
User = LL2 ... OK

Reklama

bara1317 · Příspěvekod **bara1317** » 12 lis 2017 23:40

Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by barbara on ne 12. 11. 2017 at 23:28:09,16.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\barbara\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12. 11. 2017 23:29:02 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\barbara\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\m9j5zw78.default\prefs.js:

Added to C:\Users\barbara\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\m9j5zw78.default\prefs.js:

==== Firefox Extensions ======================

ProfilePath: C:\Users\barbara\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\m9j5zw78.default
- Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@bluegriffon.org.xpi
- Deutsch DE Language Pack - %ProfilePath%\extensions\langpack-de@bluegriffon.org.xpi
- English US Language Pack - %ProfilePath%\extensions\langpack-en-US@bluegriffon.org.xpi
- Espaol Espaa Language Pack - %ProfilePath%\extensions\langpack-es-ES@bluegriffon.org.xpi
- Finnish Language Pack - %ProfilePath%\extensions\langpack-fi@bluegriffon.org.xpi
- Franais Language Pack - %ProfilePath%\extensions\langpack-fr@bluegriffon.org.xpi
- Galego Espaa Language Pack - %ProfilePath%\extensions\langpack-gl@bluegriffon.org.xpi
- Hebrew IL Language Pack - %ProfilePath%\extensions\langpack-he@bluegriffon.org.xpi
- Magyar HU Language Pack - %ProfilePath%\extensions\langpack-hu@bluegriffon.org.xpi
- Italiano IT Language Pack - %ProfilePath%\extensions\langpack-it@bluegriffon.org.xpi
- Japanese Language Pack - %ProfilePath%\extensions\langpack-ja@bluegriffon.org.xpi
- Korean KR Language Pack - %ProfilePath%\extensions\langpack-ko@bluegriffon.org.xpi
- Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@bluegriffon.org.xpi
- Polski Language Pack - %ProfilePath%\extensions\langpack-pl@bluegriffon.org.xpi
- Russian RU Language Pack - %ProfilePath%\extensions\langpack-ru@bluegriffon.org.xpi
- Slovenski jezik Language Pack - %ProfilePath%\extensions\langpack-sl@bluegriffon.org.xpi
- sr Language Pack - %ProfilePath%\extensions\langpack-sr@bluegriffon.org.xpi
- Svenska SE Language Pack - %ProfilePath%\extensions\langpack-sv-SE@bluegriffon.org.xpi
- Chinese Simplified zh-CN Language Pack - %ProfilePath%\extensions\langpack-zh-CN@bluegriffon.org.xpi
- Traditional Chinese zh-TW Language Pack - %ProfilePath%\extensions\langpack-zh-TW@bluegriffon.org.xpi

==== Firefox Plugins ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
"Use Search Asst"="yes"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{AE05ADCA-C6D7-41AF-B640-890F5F15D3ED}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{AE05ADCA-C6D7-41AF-B640-890F5F15D3ED} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes\{AE05ADCA-C6D7-41AF-B640-890F5F15D3ED} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

==== Reset Google Chrome ======================

C:\Users\barbara\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\barbara\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\barbara\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\barbara\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\barbara\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\barbara\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\barbara\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\barbara\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\barbara\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\barbara\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 12. 11. 2017 at 23:36:13,62 ======================

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 00:07

Zemana AntiMalware 2.74.2.150 (inštalačná verzia)

-------------------------------------------------------
Scan Result : Dokončené
Scan Date : 2017/11/13
Operating System : Windows 8.1 64-bit
Processor : 8X Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
BIOS Mode : UEFI
CUID : 1218F16AD66253CCED0AD6
Scan Type : Kontrola systému
Duration : 14m 24s
Scanned Objects : 132073
Detected Objects : 4
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Zapnuté
Detect All Extensions : Vypnuté
Scan Documents : Vypnuté
Domain Info : ARKISS,0,2

Detected Objects
-------------------------------------------------------

Fake Chrome Shortcut
Status : Skontrolované
Object : %appdata%\microsoft\internet explorer\quick launch\user pinned\taskbar\gооglе сhrоmе.lnk
MD5 : 2899BF6A0CA86373995232B8C4BEAF84
Publisher : -
Size : 2273
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Fake Chrome Shortcut
Súbor - %appdata%\microsoft\internet explorer\quick launch\user pinned\taskbar\gооglе сhrоmе.lnk

Fake Chrome Shortcut
Status : Skontrolované
Object : %programdata%\microsoft\windows\start menu\programs\gооglе сhrоmе.lnk
MD5 : 4DD2AD9B3AAA712E0612680064CAD416
Publisher : -
Size : 2249
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Fake Chrome Shortcut
Súbor - %programdata%\microsoft\windows\start menu\programs\gооglе сhrоmе.lnk

Fake Chrome Shortcut
Status : Skontrolované
Object : %appdata%\microsoft\internet explorer\quick launch\gооglе сhrоmе.lnk
MD5 : ED46A1ECAA9ED0DA4A890E23027FF880
Publisher : -
Size : 2261
Version : -
Detection : Podozrivé nastavenie prehliadača
Cleaning Action : Opraviť
Related Objects :
Nastavenie prehliadača - Fake Chrome Shortcut
Súbor - %appdata%\microsoft\internet explorer\quick launch\gооglе сhrоmе.lnk

chrome.bat
Status : Skontrolované
Object : NE->c:\program files (x86)\google\chrome\application\chrome.bat
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Adware:Win32/Gen.bat.AC!Neng
Cleaning Action : Karanténa
Related Objects :
(null) - (null)

Cleaning Result
-------------------------------------------------------
Cleaned : 4
Reported as safe : 0
Failed : 0

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 00:10

Ke zprávě ze Zemana - bylo zábavné to instalovat v bosenštině - do ničeho lepšího se mi nepovedlo trefit, stadardně se to srolovalo na čínštinu tuším. Taktéž v nastavení jsem se dostala nejvýše, co mě to pustilo, tudíž zpráva je slovensky.

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 00:15

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:14:04, on 13. 11. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18817)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\barbara\Downloads\HiJackThis.exe
C:\Program Files (x86)\PicPick\picpick.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: IObit Ads Removal - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [eM Client] "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: Převést &webovou stránku do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Přidat webovou stránku do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppend.html
O8 - Extra context menu item: Připojit cíl vazby &k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll/AcroIEAppendSelLinks.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem32.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\WINDOWS\system32\ibtsiva (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: KrosFireBird (KrosPlusFireBird) - Firebird Project - C:\Program Files (x86)\Cenkros\Firebird\FBbin\fbserver.exe
O23 - Service: Lenovo EasyPlus Hotspot - Lenovo - C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LenovoSetSvr - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Settings\LenovoSetSvr.exe
O23 - Service: Lenovo WiFiHotspot Service (LenovoWiFiHotspotSvr) - Unknown owner - C:\Windows\System32\LenovoWiFiHotspotSvr.exe (file missing)
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PDF Architect 5 - pdfforge GmbH - C:\Program Files\PDF Architect 5\ws.exe
O23 - Service: PDF Architect 5 CrashHandler - pdfforge GmbH - C:\Program Files\PDF Architect 5\crash-handler-ws.exe
O23 - Service: PDF Architect 5 Creator - pdfforge GmbH - C:\Program Files\PDF Architect 5\creator-ws.exe
O23 - Service: PDF Architect 5 Manager - Unknown owner - C:\ProgramData\pdfforge\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe (file missing)
O23 - Service: PGService - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe
O23 - Service: PG_Service_Launcher - PointGrab LTD - C:\Program Files (x86)\Lenovo\Motion Control\PG_Service_Launcher.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TESHelper - Lenovo - c:\Program Files\Common Files\Lenovo\Magic Transfer\x64\MagicTransferTESHelper.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 11527 bytes

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 00:28

V přiložených PDF ja stav po spuštění HJT

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 00:35

Jinak stav NB beze změn - v některých oknech se vše roluje dolu, rozbalovací nabídky se zpravidla rolují dolů (dost blbě se volí kupř. znaková sada při načítání do Notepadu, vždy to dojede až k zjednodušené čínštině). Nelze zvolit formát tisku v Autocadu - vždy najede až poslední volba. V prohlížeči se to téměř neobjevuje, zatím jsem zaznamenala jen samovolné zmenšování mapy v nahlížení do katastru - což je velký problém, pro práci se nutně potřebuji "dostat" na určité místo.

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 00:41

Aha, ještě jedna zvláštnost - když kliknu v prohlížeči vpravo na posuvník, tak se posune jen o délku obrazovky. Abych se dostala na spodní okraj, musím klikat nebo rolovat kolečkem. Dříve stačilo kliknout a držet až se stránka srolovala až dolů.

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 01:59

Další zvláštní jev - nový a úporný. Zatím se mi nedaří se toho zbavit. Vyskakuje stále znovu

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 02:31

Po restartu systému se hláška bitdefenderu ztratila (ačkoli netuším, kde se bitdefender vůbec vzal). Pro změnu se přenastavila LAN na PROXY a chvíli mi trvalo, než jsem objevila, proč se nedostanu na internet.

Příspěvekod **jaro3** » 13 lis 2017 09:46

[PUP.Gen1] (X64) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\IM -> Nevybráno
[PUP.Gen1] (X86) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\IM -> Nevybráno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.seznam.cz/ -> Nevybráno
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com/?pc=LCJB -> Nevybráno
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://lenovo13.msn.com/?pc=LCJB -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 78.157.167.7 78.157.167.57 192.168.100.1 ([-][CZ][-]) -> Nevybráno
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{4236D1C1-F566-4FBB-9344-085B2C594350} | DhcpNameServer : 78.157.167.7 78.157.167.57 192.168.100.1 ([-][CZ][-]) -> Nevybráno

je třeba toto označit a smazat.

Ke zprávě ze Zemana - bylo zábavné to instalovat v bosenštině - do ničeho lepšího se mi nepovedlo trefit, stadardně se to srolovalo na čínštinu tuším. Taktéž v nastavení jsem se dostala nejvýše, co mě to pustilo, tudíž zpráva je slovensky.

to je divné , normální je čeština , bydlíš mimo ČR?

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,

V přiložených PDF ja stav po spuštění HJT

je třeba spouštět HJT jako správce.

BitDefender -- zkus odinstalovat :
Stáhněte si a nainstalujte Revo Uninstaller FreePlease download and install Revo Uninstaller Free
http://www.revouninstaller.com/start_fr ... nload.html
Poklepáním na Revo Uninstaller jej spustit.
Ze seznamu programů klikněte dvakrát na programu odstranit
Až budete vyzváni, zda chcete odinstalovat klepněte na tlačítko Ano.
Ujistěte se, že je vybrána možnost Mírný potom klepněte na tlačítko Další.
Program bude probíhat, Pokud budete vyzváni znovu klepněte na tlačítko Ano
Při vestavěný Uninstaller je dokončena klepněte na tlačítko Další.
Jakmile program hledal zbytky klepněte na tlačítko Další.
Zkontrolujte / zaškrtněte položky Bolded jen na seznamu a potom klepněte na tlačítko Odstranit
Po vyzvání klepněte na Ano a pak na další.
další na všechny složky, které se nachází a vyberte možnost odstranění
Po zobrazení výzvy vyberte ano, pak na další
Poté, co udělal na tlačítko Dokončit.

Máš správně nainstalované ovladače graf. karty?

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

bara1317 · Příspěvekod **bara1317** » 13 lis 2017 14:46

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
Ran by barbara (13-11-2017 14:43:46)
Running from C:\Users\barbara\Downloads
Windows 8.1 (Update) (X64) (2016-12-22 12:39:15)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2155449529-2713239103-2906735623-500 - Administrator - Disabled) => C:\Users\Administrator
barbara (S-1-5-21-2155449529-2713239103-2906735623-1001 - Administrator - Enabled) => C:\Users\barbara
Guest (S-1-5-21-2155449529-2713239103-2906735623-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2155449529-2713239103-2906735623-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Disabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Aktualizace NVIDIA 28.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 28.0.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0405-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-E001-0405-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk 360 (HKLM\...\{556966D9-F7F6-421B-9707-D07901604DDF}) (Version: 5.2.3.1000 - Autodesk)
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk AutoCAD 2015 – Čeština (Czech) (HKLM\...\AutoCAD 2015 – Čeština (Czech)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0102-111D43815377}) (Version: 1.3.1.39 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
BlueGriffon version 2.3.1 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 2.3.1 - Disruptive Innovations SAS)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
CENKROS 4 (HKLM-x32\...\{30044428-2B17-46EF-B473-28BC89909399}) (Version: - KROS a.s.)
ClPhpEd(remove only) (HKLM-x32\...\ClPhpEd) (Version: - )
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.25.00 - Lenovo Inc.) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.0.3 - IObit)
Ekonomický systém Money S3 (HKLM-x32\...\Money S3) (Version: 17.900 (20171022_14) - CÍGLER SOFTWARE, a.s.)
Electrum (HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\Electrum) (Version: 2.9.3 - Electrum Technologies GmbH)
eM Client (HKLM-x32\...\{F5AB8A6D-43F5-4C0D-8485-483FF7D1E2D5}) (Version: 7.1.30794.0 - eM Client Inc.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.20 - Lenovo)
FastStone Image Viewer 6.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 6.4 - FastStone Soft)
Glary Utilities 5.87 (HKLM-x32\...\Glary Utilities 5) (Version: 5.87.0.108 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.89 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hightail for Lenovo (HKLM\...\{2F10E937-F6D7-4174-8AB9-B299E8FC5CEC}) (Version: 2.4.97.2857 - Hightail, Inc.)
Import souborů SketchUp (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{0EC7F9CC-4741-45AE-9F55-6E9343F726F5}) (Version: 1.1.0.36960 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3540 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F519CBBC-B049-4117-AF94-63F08E719CA5}) (Version: 17.1.1450.0402 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
IObit Malware Fighter 5 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 5.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.1.0.19 - IObit)
Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java SE Development Kit 8 Update 131 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180131}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 141 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180141}) (Version: 8.0.1410.15 - Oracle Corporation)
Java SE Development Kit 8 Update 144 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180144}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 8 Update 151 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180151}) (Version: 8.0.1510.12 - Oracle Corporation)
Kros (HKLM\...\{148477A0-A868-425E-9F93-CE8CE95AFE44}) (Version: 8.5.940 - Softland) Hidden
Kros PDF (HKLM-x32\...\{e6b27eee-2b6f-4344-8f4b-93591eb3f24e}) (Version: 162.100.1.0 - Kros a.s.)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.25.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10279 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Motion Control (HKLM-x32\...\{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab) Hidden
Lenovo Motion Control (HKLM-x32\...\InstallShield_{A60E1DE0-2AD1-4BD3-BBCC-4FBB22FB6F85}) (Version: 2.5.1.0225 - PointGrab)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo Settings (HKLM-x32\...\{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo) Hidden
Lenovo Settings (HKLM-x32\...\InstallShield_{42F8AFC3-7944-46CC-9689-94FF9869D0A7}) (Version: 1.0.0.46 - Lenovo)
Lenovo SHAREit (HKLM-x32\...\Lenovo SHAREit_is1) (Version: 2.0.5.0 - Lenovo Group Limited)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.3.0.6 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.1.14.3211 - Lenovo)
Magic Transfer (HKLM-x32\...\{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo) Hidden
Magic Transfer (HKLM-x32\...\InstallShield_{AD2B2BD1-A1D7-4798-8FDD-B2A58FD94E68}) (Version: 1.1.1.11 - Lenovo)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Manager (HKLM-x32\...\{2D00EBC4-DD22-4F5B-9BA1-F98ED2C6FCF2}) (Version: 5.0.15.31893 - 2017 pdfforge GmbH. All rights reserved) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0001.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
novaPDF 8 Printer Driver (HKLM\...\{F9F62525-05B6-4AD7-8D30-0D872CC1FB3C}) (Version: 8.5.940 - Softland)
novaPDF 8 SDK COM (x86) (HKLM-x32\...\{A6DF899D-5518-4DAB-A4F9-F7D0CDD43224}) (Version: 8.5.940 - Softland)
NVIDIA 3D Vision Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.61 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.61 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
OpenOffice 4.1.4 (HKLM-x32\...\{6CA4F7F3-B909-4292-B791-AAA959155DE0}) (Version: 4.14.9788 - Apache Software Foundation)
ORPALIS PDF Reducer 3 Free Edition (HKLM-x32\...\{CA597518-9486-4DA2-8CEE-0FADD5CE364A}) (Version: 3.0.19 - ORPALIS)
PDF Architect 5 (HKLM-x32\...\PDF Architect 5) (Version: 5.0.26.34003 - pdfforge GmbH)
PDF Architect 5 Create Module (HKLM\...\{0E25DE98-E56E-4259-B554-F1360BB2DC22}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 Edit Module (HKLM\...\{EE01D8D7-2DD0-4C43-BF42-D9C8FC8DAE99}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDF Architect 5 View Module (HKLM\...\{4DC94B75-B036-474D-8AC8-E2D055C95FBD}) (Version: 5.0.28.34044 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.0.2 - pdfforge GmbH)
PicPick (HKLM-x32\...\PicPick) (Version: 4.2.7 - NGWIN)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)
Roblox Player for barbara (HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
RocketCake 1.4 (remove only) (HKLM-x32\...\RocketCake 1.4) (Version: - Ambiera)
SaveSnap (HKLM-x32\...\SaveSnap) (Version: - )
SketchUp 2016 (HKLM\...\{D87EE6DC-32BA-4219-AC75-0A6FD54ED058}) (Version: 16.0.19912 - Trimble Navigation Limited)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.7.0 - IObit)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Speciální aplikace Autodesk (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.6.46 - Safer-Networking Ltd.)
StageLight (HKLM\...\StageLight) (Version: 1.3.0.4350 - Open Labs, LLC.)
Star Stable Online (HKLM-x32\...\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}) (Version: 1.01.0000 - Star Stable Entertainment AB)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1232 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.81 - Synaptics Incorporated)
Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [00001LenovoSyncComplete] -> {1E9CED2C-E7B4-4C47-B07A-25416393B67B} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00002LenovoSyncActive] -> {C1285F4D-918F-4EF2-BC94-CAD5B118C835} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00003LenovoSyncError] -> {CE5633DA-1488-4D1D-9A9B-B500297D4A8C} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ShellIconOverlayIdentifiers-x32: [00004LenovoLocalOnly] -> {C7362DA9-D3AC-4C17-B2F5-2F1823FA04C3} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-12] ()
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd)
ContextMenuHandlers1: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1: [PDFArchitect5_ManagerExt] -> {00B7B69F-6774-4906-9C7F-7D117A3644A9} => C:\Program Files\PDF Architect 5\creator-context-menu.dll [2017-07-05] (pdfforge GmbH)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\WINDOWS\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [000LenovoFoldersContextMenu] -> {D2DB7BAA-9E12-4640-825C-B1EB36A3809A} => C:\Program Files\Hightail\Hightail for Lenovo\YSINSE64.dll [2014-06-23] (Hightail Inc.)
ContextMenuHandlers4: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-04-24] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2014-04-16] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2014-04-16] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-11-12] ()
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2016-06-23] (Glarysoft Ltd)
ContextMenuHandlers6: [IObit Malware Fighter] -> {0BB81440-5F42-4480-A5F7-770A6F439FC8} => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFShellExt.dll [2017-03-31] (IObit)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2017-05-23] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10E0830E-B21A-45B1-AE32-2340FD516B34} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit)
Task: {1C7E036A-A57D-4F45-B5BB-D69817B6A491} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {1DA3AFFF-F505-4E66-A437-29FF443A5596} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {259DDAAF-B2AB-4F6F-9EDB-B4CDB452EBB2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {2C5A7E9A-265F-4329-9846-4E8B9911EC2A} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-03-07] (Synaptics Incorporated)
Task: {2E8BD68E-92F5-4029-89A1-D6A5CD46FCA0} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-11-03] (Glarysoft Ltd)
Task: {42BF2F32-9A69-452A-841C-5B28C012FF1B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {53DBB73E-928C-43F0-85F4-E2DAECA61809} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-05] (Google Inc.)
Task: {5928FDA6-E389-4876-BC20-BEBFED53D78F} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Office2013\OFFICEICON.vbs [2013-06-03] ()
Task: {64872B6D-A83A-45C0-8A31-CC2364CCCC21} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-08-18] (NVIDIA Corporation)
Task: {779F898D-2FF8-4BB5-8283-33EB8E44788F} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-08-18] (NVIDIA Corporation)
Task: {7F7A1D49-640D-4DB1-A050-5D8EB52C5899} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {8DFD098B-F9C7-42A3-93D8-5F96BABB1DEF} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2014-05-22] ()
Task: {8F7EB981-0E03-4928-84C1-A91683B04FDC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2017-05-23] (Safer-Networking Ltd.)
Task: {90EB9C44-EC80-436F-B767-FF5654F2AE64} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-11-03] (Glarysoft Ltd)
Task: {95A23EF4-8D2D-4F28-BE7E-FD8474B6E3F1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {97EF61A6-9A7C-4825-85B9-EA65822E6F28} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2017-07-26] ()
Task: {9828AACB-D0A2-42B8-B842-1229FFAEC658} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-05] (Google Inc.)
Task: {9E82D4C9-CA51-4DA9-A79F-FE8A87CA3801} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18] (NVIDIA Corporation)
Task: {AC27CB18-CE03-417B-807A-0B80E68E9430} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {AFAE5CA2-C2D7-4E70-A216-5BCF9153421E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-08-18] (NVIDIA Corporation)
Task: {CEAC9ACD-B920-4B0A-BFD8-C3E3BA3DEDA3} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {D94E96DE-391A-404B-A2E5-305DA1F25E98} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-08-18] (NVIDIA Corporation)
Task: {D9F023A4-56CA-496E-865D-C737DDDC1819} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-08-18] (NVIDIA Corporation)
Task: {DB360708-DD13-41A5-9A5B-A80F6F7F4F62} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo)
Task: {E018848B-22D4-460F-8E05-30BA072B7162} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2013-03-07] (Intel Corporation)
Task: {EB0A556D-4AE7-46F5-8647-B97E28F2C89B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2017-05-23] (Safer-Networking Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic
Shortcut: C:\Users\barbara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) <==== Cyrillic

==================== Loaded Modules (Whitelisted) ==============

2017-01-22 23:29 - 2017-08-18 05:32 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-09-16 04:15 - 2012-04-24 11:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-09-16 03:17 - 2016-12-29 14:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-09-16 04:10 - 2014-09-16 04:10 - 000068880 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2014-09-16 04:10 - 2014-09-16 04:10 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2014-06-17 06:47 - 2014-04-16 09:28 - 000080312 _____ () C:\windows\system32\igfxexps.dll
2014-09-16 03:26 - 2013-10-01 10:09 - 000078880 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2017-11-06 21:03 - 2017-11-05 10:12 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libglesv2.dll
2017-11-06 21:03 - 2017-11-05 10:12 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.89\libegl.dll
2017-11-01 16:25 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2017-11-01 16:25 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2017-11-01 16:25 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2017-11-13 01:20 - 2016-09-13 14:00 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-11-13 01:20 - 2016-09-13 14:00 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-11-13 01:20 - 2016-09-13 14:00 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-09-23 03:37 - 2016-12-12 15:52 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2017-09-23 03:37 - 2016-12-12 15:52 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2017-09-23 03:37 - 2016-12-12 15:52 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2017-11-01 16:25 - 2017-05-22 11:17 - 000899872 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2017-11-01 16:25 - 2017-05-23 18:57 - 000631584 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2017-11-01 16:25 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
2017-01-22 23:29 - 2017-08-18 05:32 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7936 more sites.

IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\...\123simsen.com -> www.123simsen.com

There are 7936 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-11-12 23:29 - 2017-11-13 01:24 - 000454431 ____R C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 15601 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2155449529-2713239103-2906735623-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 78.157.167.7 - 78.157.167.57
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{553A8E35-1568-4620-9158-DCEC5F73D348}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{35DC1ED4-510A-4883-AE6A-FB39B78AE400}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{117DFC4C-172D-4496-ABA5-1E69F3FB737D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B0A75022-1A6B-4510-831D-80C36A9E5FCF}] => (Allow) LPort=55100
FirewallRules: [{759A209A-B91C-482D-814A-1BC8FA71850A}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{36C52146-8710-41ED-B8D1-AB27A27BAEA9}] => (Allow) LPort=50248
FirewallRules: [{38F7EE92-FF6C-40F4-AB23-71817EB08874}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9F18CC39-F311-4948-A49B-F126C7EA37A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C74E057E-223E-4792-A882-004E8ED811DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C6376FBE-B7C6-4574-8B4B-0F5F57AF37A3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{C628231B-F313-4E25-8A75-F9B76CD0EDE5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{AD1A3828-7F01-4C23-A177-E45E76CDACE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FA1EDC98-6AAE-4F3F-87EA-D8E2525B799E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F6DDBBBA-195A-40F7-A3DE-29689350DB2B}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1A8A0D13-CF5F-4F8C-9F8A-19A24896FA8B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{F46A289D-C001-40C5-AD25-C46D77A6CCFD}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{D2E68207-B8EB-4EF5-A8F5-A888324DE5F0}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{C47206C5-C9B2-4AA8-B447-7CEBF76DB0CF}] => (Allow) LPort=8501
FirewallRules: [{55CD5583-712F-469D-BF42-5C3EFC06CFC7}] => (Allow) LPort=8501
FirewallRules: [{8726AC07-FF3C-4FFC-84FA-CCF9DB67FE51}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
FirewallRules: [{AB7751B4-DA38-4C9A-8CE9-DA52F6C3DE7C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DriverBooster.exe
FirewallRules: [{FEE1D3C7-AF18-40F4-B235-92152B548C41}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DBDownloader.exe
FirewallRules: [{94D4930A-3569-4EA6-BC64-42F8AE679EB5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\DBDownloader.exe
FirewallRules: [{A52E8408-5766-4CBF-87BE-B000CA7A0203}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\AutoUpdate.exe
FirewallRules: [{8B01A215-7649-4A17-A0BC-BDB00C79288B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.0.3\AutoUpdate.exe
FirewallRules: [{37F02DE7-E533-4EDB-A3A9-D77A43A39E64}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CC6A037B-18A8-42EA-A690-C97CA1027351}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0525B50E-8F88-4C69-9A74-C620457C4F60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D297E60E-31BC-457E-82B9-25A852841099}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{72BD5184-71D8-4F35-ACC9-945E19D07D3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{15583035-9005-4212-B801-45ACD84C07B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

03-11-2017 16:49:58 Instalační služba modulů systému Windows
03-11-2017 17:25:14 Installed Java SE Development Kit 8 Update 151 (64-bit)
08-11-2017 17:36:35 Windows Update
12-11-2017 02:45:35 Driver Booster : Realtek PCIE CardReader
12-11-2017 14:25:18 JRT Pre-Junkware Removal
12-11-2017 15:30:07 Installed Sophos Virus Removal Tool.
12-11-2017 23:28:35 zoek.exe restore point
13-11-2017 01:08:03 Nainstalováno: OpenOffice 4.1.4

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (11/13/2017 02:07:20 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (11/13/2017 02:07:20 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (11/12/2017 05:07:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WSCommCntr4.exe, verze: 4.0.3.0, časové razítko: 0x52df746e
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18821, časové razítko: 0x59ba86db
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003b6b9
ID chybujícího procesu: 0x165c
Čas spuštění chybující aplikace: 0x01d35bd047813e91
Cesta k chybující aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 86366701-c7c3-11e7-82b2-303a64e77132
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/12/2017 03:05:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 3.0.0.1247, časové razítko: 0x59f37972
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18821, časové razítko: 0x59ba8666
Kód výjimky: 0xc0000142
Posun chyby: 0x0009d4c2
ID chybujícího procesu: 0xe94
Čas spuštění chybující aplikace: 0x01d35bbf4eb27b2a
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: KERNELBASE.dll
ID zprávy: 930245ba-c7b2-11e7-82b2-303a64e77132
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/12/2017 12:08:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program mbam.exe verze 3.0.0.1247 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1930

Čas spuštění: 01d35b405a32b886

Čas ukončení: 36823

Cesta k aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

ID hlášení: 1e557ae7-c735-11e7-82ae-303a64e77132

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (11/12/2017 12:05:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 62.0.3202.89 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1078

Čas spuštění: 01d35b3f8260827f

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: d59e8854-c734-11e7-82ae-303a64e77132

Úplný název chybujícího balíčku:

ID aplikace související s chybujícím balíčkem:

Error: (11/10/2017 08:59:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WSCommCntr4.exe, verze: 4.0.3.0, časové razítko: 0x52df746e
Název chybujícího modulu: ntdll.dll, verze: 6.3.9600.18821, časové razítko: 0x59ba86db
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000003b6b9
ID chybujícího procesu: 0x1e70
Čas spuštění chybující aplikace: 0x01d35a5e6b34e2c4
Cesta k chybující aplikaci: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: a9b30856-c651-11e7-82ab-303a64e77132
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/08/2017 05:36:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary cpuz143.

System Error:
The system cannot find the file specified.
.

Error: (11/08/2017 12:17:02 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\google\chrome\application\сhrоmе.bаt.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="*",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/07/2017 01:31:07 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro c:\program files (x86)\google\chrome\application\сhrоmе.bаt.exe se nezdařilo.
Závislé sestavení 55.0.2883.87,language="*",type="win32",version="55.0.2883.87" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

System errors:
=============
Error: (11/13/2017 02:40:58 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:4e:03:3b:bf:da) se nezdařilo.

Error: (11/13/2017 10:51:42 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:4e:03:3b:bf:da) se nezdařilo.

Error: (11/13/2017 08:36:48 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:4e:03:3b:bf:da) se nezdařilo.

Error: (11/13/2017 02:06:04 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:4e:03:3b:bf:da) se nezdařilo.

Error: (11/13/2017 02:06:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PG_Service_Launcher neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2017 02:05:25 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

Error: (11/13/2017 02:04:59 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:4e:03:3b:bf:da) se nezdařilo.

Error: (11/13/2017 12:42:50 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Vzájemné ověření mezi místním adaptérem Bluetooth a zařízením s adresou adaptéru Bluetooth (4c:4e:03:3b:bf:da) se nezdařilo.

Error: (11/13/2017 12:42:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PG_Service_Launcher neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (11/13/2017 12:42:12 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Inicializace výpisu stavu systému se nezdařila.

CodeIntegrity:
===================================
Date: 2017-05-10 07:57:53.040
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-20 15:47:44.421
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-17 06:03:07.576
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-04-01 11:48:03.216
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-03-27 13:47:23.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-03-13 09:45:30.325
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-03-09 12:50:13.486
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-24 02:05:23.380
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-24 02:05:23.148
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-02-24 02:05:22.910
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 20%
Total physical RAM: 16296.27 MB
Available physical RAM: 12908.76 MB
Total Virtual: 17320.27 MB
Available Virtual: 14889.02 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:298.32 GB) (Free:204.68 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:19.5 GB) NTFS
Drive e: () (Fixed) (Total:590 GB) (Free:296.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 53BB0211)

Partition: GPT.

==================== End of Addition.txt ============================

rolování oken Vyřešeno

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Re: rolování oken

Kdo je online