Please check my log [Solved]

A place for your HijackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member
Guru Level 15
Posts: 43060
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 06 Mar 2018 17:31

Close other applications and browsers, disconnect from the internet, and fix these entries in HJT:
Guide

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Lukas\AppData\Roaming\Seznam.cz\szninstall.exe" -c


Download DelFix here:
https://toolslib.net/downloads/viewdownload/2-delfix/

Save the file to your desktop.
Double-click the icon to run Delfix.exe.
(In Windows Vista, Windows 7 and 8, you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore.
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste its entire contents here. Otherwise the report is located at:
C:\DelFix.txt
Other links:
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Download Memtest:

Change the field that reads "All unused RAM" to 2048.
- Click Start and let it run for at least 2h; if there are still 0 errors after 2h, the memory is fine.
With larger RAM capacities, Memtest has to be run several times: for 2GB (the largest single RAM capacity) 2x, for 4GB 3x, for 8Gb 4x, and so on.
Double-click Memtest, then again and again, enter 2048 in the field of every Memtest instance, then click "Start" in all of them.

Also check the HDD for errors, and possibly try defragmenting it.

Download CrystalDiskInfo.
Run the program and click Edit - Copy. Then paste the contents of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

tRaviss
Level 2.5
Posts: 315
Registered: December 14
Gender: Male
Status: Offline

Re: Please check my log

Post by tRaviss » 06 Mar 2018 17:42

# DelFix v1.013 - Logfile created 06/03/2018 at 17:39:27
# Updated 17/04/2016 by Xplode
# Username : Lukas - LENOVO-PC
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\Lukas\Desktop\AdwCleaner.exe
Deleted : C:\Users\Lukas\Desktop\AdwCleaner[C1].txt
Deleted : C:\Users\Lukas\Desktop\AdwCleaner[S2].txt
Deleted : C:\Users\Lukas\Desktop\JRT.exe
Deleted : C:\Users\Lukas\Desktop\JRT.txt
Deleted : C:\Users\Lukas\Desktop\hijackthis.exe
Deleted : C:\Users\Lukas\Desktop\hijackthis.log
Deleted : C:\Users\Lukas\Desktop\hijackthis1.txt
Deleted : C:\Users\Lukas\Desktop\RogueKiller_portable64.exe
Deleted : C:\Users\Lukas\Desktop\TFC.exe
Deleted : C:\Users\Lukas\Desktop\zoek-results.txt
Deleted : C:\Users\Lukas\Desktop\zoek.exe
Deleted : C:\Users\Lukas\Desktop\zoekk.txt
Deleted : C:\Users\Lukas\Downloads\zoek.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...

Deleted : RP #6 [Scheduled Checkpoint | 03/05/2018 16:25:15]

New restore point created !

########## - EOF - ##########


Re: Please check my log

Post by tRaviss » 06 Mar 2018 17:43

I defragmented the disk, here is the CrystalDiskInfo output, and now I'm going to run Memtest.

----------------------------------------------------------------------------
CrystalDiskInfo 7.5.2 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 [10.0 Build 16299] (x64)
Date : 2018/03/06 17:42:28

-- Controller Map ----------------------------------------------------------
+ Intel(R) 9 Series Chipset Family SATA AHCI Controller [ATA]
- ST1000LM014-SSHD-8GB
- HL-DT-ST DVDRAM GUC0N
- Řadič prostorů úložišť [SCSI]
- DAEMON Tools Lite Virtual SCSI Bus [SCSI]

-- Disk List ---------------------------------------------------------------
(1) ST1000LM014-SSHD-8GB : 1000,2 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
(1) ST1000LM014-SSHD-8GB
----------------------------------------------------------------------------
Model : ST1000LM014-SSHD-8GB
Firmware : LVD4
Serial Number : W771FSBW
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 4792 hod.
Power On Count : 1551 krát
Temperature : 35 C (95 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000AAAC090 Počet chyb čtení
03 _98 _97 __0 000000000000 Čas na roztočení ploten
04 _99 _99 _20 0000000005E6 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _77 _60 _30 000206C0DAE1 Počet chybných hledání
09 _95 _95 __0 0000000012B8 Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 00000000060F Počet cyklů zapnutí zařízení
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 _99 __0 000000000001 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _65 _57 _45 000028210023 Teplota toku vzduchu
BF 100 100 __0 000000000000 Počet udalostí zaznamenaných otřesovým senzorem
C0 100 100 __0 00000000000D Počet vypnutí disku
C1 _96 _96 __0 00000000223E Počet cyklů načítání/vymazání
C2 _35 _43 __0 000800000023 Teplota
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
FE 100 100 __0 000000000000 Ochrana proti pádu



Re: Please check my log

Post by jaro3 » 06 Mar 2018 19:51

000000000001 Časový limit příkazu
Command Timeout: the number of operations that were aborted because of the hard disk's time limit. Under normal circumstances this value should be zero. If the value is greater than zero, there are probably problems with the power supply, or the data cable is oxidized.
Replace the SATA data cable and plug it into a different SATA connector.
Then run CDI again.

Let me know how Memtest turned out.
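The check described in the post above (Command Timeout raw value should be zero), as an added example that is not part of the original thread: a small parser for the S.M.A.R.T. table in a CrystalDiskInfo text log that flags attributes at or below their threshold and watched attributes with a non-zero raw value. Assumptions of this example: the watch list beyond BC, the English attribute names, and the last sample row, which is constructed.

```python
import re
from typing import List, NamedTuple, Tuple


class SmartRow(NamedTuple):
    attr_id: str     # attribute ID as two hex digits, e.g. "BC"
    current: int     # normalized current value
    worst: int       # lowest normalized value ever recorded
    threshold: int   # vendor failure threshold (0 = attribute never "fails")
    raw: int         # 6-byte raw value parsed as one integer
    name: str


# One table row: ID, three 3-character fields padded with "_", 12 hex digits, name.
ROW_RE = re.compile(
    r"^([0-9A-F]{2})\s+([_\d]{3})\s+([_\d]{3})\s+([_\d]{3})\s+([0-9A-F]{12})\s+(.+)$"
)

# BC (Command Timeout) comes from the post above. The other IDs are this
# example's own assumption: reallocated, pending and uncorrectable sectors
# and UltraDMA CRC errors are counters that are normally zero on a healthy disk.
RAW_SHOULD_BE_ZERO = {"05", "BC", "C5", "C6", "C7"}

# Rows in the layout of the CrystalDiskInfo log posted earlier in the thread
# (names given in English here). The final 0A row is CONSTRUCTED to show a
# threshold failure; it does not come from the posted log.
SAMPLE = """\
ID Cur Wor Thr RawValues(6) Attribute Name
01 118 _99 __6 00000AAAC090 Read Error Rate
05 100 100 _10 000000000000 Reallocated Sectors Count
BC 100 _99 __0 000000000001 Command Timeout
C5 100 100 __0 000000000000 Current Pending Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
0A _90 _90 _97 000000000003 Spin Retry Count
"""


def _num(field: str) -> int:
    """Convert an underscore-padded field such as '__6' or '_99' to an int."""
    return int(field.replace("_", "") or "0")


def parse_smart_table(text: str) -> List[SmartRow]:
    """Return every attribute row found in the text; other lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if m:
            rows.append(SmartRow(m[1], _num(m[2]), _num(m[3]), _num(m[4]),
                                 int(m[5], 16), m[6].strip()))
    return rows


def review(rows: List[SmartRow]) -> List[Tuple[str, str]]:
    """Return (attribute ID, finding) pairs in table order."""
    findings = []
    for r in rows:
        # A normalized value at or below a non-zero threshold is a failure.
        if r.threshold > 0 and r.current <= r.threshold:
            findings.append((r.attr_id, "failing_now"))
        elif r.threshold > 0 and r.worst <= r.threshold:
            findings.append((r.attr_id, "failed_in_past"))
        # Watched counters are expected to stay at zero.
        if r.attr_id in RAW_SHOULD_BE_ZERO and r.raw != 0:
            findings.append((r.attr_id, "raw_nonzero"))
    return findings


if __name__ == "__main__":
    for attr_id, finding in review(parse_smart_table(SAMPLE)):
        print(attr_id, finding)
```

Raw values of some attributes (01 and 07 on this drive, for instance) pack several fields into the six bytes, so the example only applies the zero check to the watched counters.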


Re: Please check my log

Post by tRaviss » 06 Mar 2018 20:21

It's a notebook that should still be under warranty.
I left MemTest running for approx. 2.5h and no errors appeared.


Re: Please check my log

Post by jaro3 » 06 Mar 2018 21:04

Can you take the disk out and clean the contacts, or is it sealed with a sticker?

One more tool:
Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system, 32-bit or 64-bit.
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will appear, FRST.txt and Addition.txt, and they will be saved on the desktop. Please copy their entire contents here.


Re: Please check my log

Post by tRaviss » 06 Mar 2018 21:17

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by Lukas (administrator) on LENOVO-PC (06-03-2018 21:15:27)
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas (Available Profiles: Lukas)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Lenovo) C:\Windows\System32\LenovoUpdate.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.96_none_2c40cc7f3876f2b7\TiWorker.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13874392 2015-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392496 2015-02-25] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-11-09] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323312 2015-03-27] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-06] (AVAST Software)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-21] (Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 10.0.0.10
Tcpip\..\Interfaces\{8aedff87-04b2-4030-892c-229779ad3b0e}: [DhcpNameServer] 10.0.0.1 10.0.0.10

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-03-03] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-02] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-02] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-02] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-02] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-02] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-10-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default [2018-03-06]
CHR Extension: (Prezentace) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06]
CHR Extension: (Dokumenty) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06]
CHR Extension: (Disk Google) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06]
CHR Extension: (YouTube) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06]
CHR Extension: (Avast SafePrice) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-03-06]
CHR Extension: (Tabulky) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06]
CHR Extension: (Dokumenty Google offline) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-03-06]
CHR Extension: (Avast Online Security) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-06]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-03-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-03-06]
CHR Extension: (Gmail) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-03-06]
CHR Extension: (Chrome Media Router) - C:\Users\Lukas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-06]
CHR HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-06] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-06] (AVAST Software)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7962800 2018-02-22] (Microsoft Corporation)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [File not signed]
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-11-09] (ELAN Microelectronics Corp.)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19184 2015-03-27] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2017-01-13] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2017-04-23] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68408 2017-11-12] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-10-10] (Intel Corporation)
R3 LenovoUpdate; C:\WINDOWS\System32\LenovoUpdate.exe [26608 2018-03-06] (Lenovo)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-06-02] (Lenovo)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 osrss; C:\WINDOWS\system32\osrss.dll [108584 2018-01-09] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-06] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-06] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-06] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-06] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-06] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-06] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-06] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-11] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-06] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-06] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-06] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-06] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-06] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-06] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-06] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-06] (Disc Soft Ltd)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R3 KMDFVirtualKbd; C:\WINDOWS\System32\drivers\KMDFVirtualKbd.sys [22264 2014-08-04] ()
S3 KMDFVirtualMouse; C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys [21240 2014-08-04] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3526392 2017-04-19] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-11-09] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419576 2015-12-05] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [2980056 2014-11-14] (Realtek Semiconductor Corp.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2018-03-06] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-03-06] (Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-06 21:15 - 2018-03-06 21:15 - 000018863 _____ C:\Users\Lukas\Desktop\FRST.txt
2018-03-06 21:15 - 2018-03-06 21:15 - 000000000 ____D C:\FRST
2018-03-06 21:14 - 2018-03-06 21:14 - 002403328 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2018-03-06 21:14 - 2018-03-06 21:14 - 002403328 _____ (Farbar) C:\Users\Lukas\Desktop\FRST64.exe
2018-03-06 17:40 - 2018-03-06 17:40 - 000001280 _____ C:\Users\Lukas\Desktop\CrystalDiskInfo.lnk
2018-03-06 17:40 - 2018-03-06 17:40 - 000001209 _____ C:\Users\Lukas\Desktop\DelFix.txt
2018-03-06 17:40 - 2018-03-06 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-03-06 17:40 - 2018-03-06 17:40 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2018-03-06 17:40 - 2017-09-29 10:35 - 000013113 _____ C:\Users\Lukas\Desktop\manual.html
2018-03-06 17:39 - 2018-03-06 17:39 - 000001209 _____ C:\DelFix.txt
2018-03-06 17:39 - 2018-03-06 17:38 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-06 17:38 - 2018-03-06 17:38 - 000797760 _____ C:\Users\Lukas\Downloads\delfix_1.013.exe
2018-03-06 17:37 - 2018-03-06 17:38 - 003948184 _____ (Crystal Dew World ) C:\Users\Lukas\Downloads\CrystalDiskInfo7_5_2.exe
2018-03-06 17:37 - 2018-03-06 17:37 - 000016850 _____ C:\Users\Lukas\Downloads\MemTest.zip
2018-03-06 17:36 - 2018-03-06 17:36 - 000000000 ____D C:\Users\Lukas\Desktop\backups
2018-03-06 11:17 - 2018-03-06 21:15 - 000103655 _____ C:\WINDOWS\ZAM.krnl.trace
2018-03-06 11:17 - 2018-03-06 21:15 - 000069134 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-03-06 11:17 - 2018-03-06 11:17 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2018-03-06 11:17 - 2018-03-06 11:17 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2018-03-06 11:17 - 2018-03-06 11:17 - 000001228 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-03-06 11:17 - 2018-03-06 11:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-03-06 11:16 - 2018-03-06 11:17 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-03-06 11:16 - 2018-03-06 11:16 - 000000000 ____D C:\Users\Lukas\AppData\Local\Zemana
2018-03-06 11:11 - 2018-03-06 11:10 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2018-03-06 10:59 - 2018-03-06 11:00 - 006625600 _____ (Zemana Ltd. ) C:\Users\Lukas\Downloads\Zemana.AntiMalware.Setup (2).exe
2018-03-05 19:53 - 2018-03-05 19:53 - 006625600 _____ (Zemana Ltd. ) C:\Users\Lukas\Downloads\Zemana.AntiMalware.Setup (1).exe
2018-03-05 19:14 - 2018-03-05 19:14 - 006625600 _____ (Zemana Ltd. ) C:\Users\Lukas\Downloads\Zemana.AntiMalware.Setup.exe
2018-03-05 14:34 - 2018-03-05 14:34 - 000000000 ____D C:\WINDOWS\OCR
2018-03-05 13:55 - 2018-03-05 13:55 - 000001776 _____ C:\Users\Public\Desktop\Defraggler.lnk
2018-03-05 13:55 - 2018-03-05 13:55 - 000000000 ____D C:\Program Files\Defraggler
2018-03-05 13:20 - 2018-03-05 13:21 - 045927018 _____ C:\Users\Lukas\Downloads\lp_c2ad58d3704f06074b24316ca09f329b28a60dd5.cab
2018-03-05 13:03 - 2018-03-05 13:04 - 038929611 _____ C:\Users\Lukas\Downloads\lp_8f4f84cb182188c700e94d80ed5b636a697221e1.cab
2018-03-05 12:55 - 2018-03-05 12:55 - 000000000 ____D C:\Users\Lukas\AppData\Local\ElevatedDiagnostics
2018-03-05 12:11 - 2018-03-05 19:16 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-03-05 12:10 - 2018-03-05 12:45 - 000000000 ____D C:\ProgramData\RogueKiller
2018-03-05 11:02 - 2018-03-05 11:02 - 000000000 ____D C:\ProgramData\Sophos
2018-03-05 11:01 - 2018-03-05 11:01 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-03-05 11:01 - 2018-03-05 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-03-05 11:01 - 2018-03-05 11:01 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-03-03 17:35 - 2018-03-03 17:35 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-03-03 17:35 - 2018-03-03 17:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-03-03 17:35 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-03-03 17:32 - 2018-03-03 17:32 - 000000000 ____D C:\WINDOWS\Panther
2018-03-03 17:24 - 2018-03-03 17:24 - 000050688 _____ (Atribune.org) C:\Users\Lukas\Desktop\ATF-Cleaner.exe
2018-03-02 11:06 - 2018-03-02 11:06 - 000039005 _____ C:\Users\Lukas\Desktop\spolek.pdf
2018-03-01 19:34 - 2018-03-01 19:33 - 008212858 _____ C:\Users\Lukas\Desktop\WC (1).odt
2018-03-01 19:33 - 2018-03-01 19:33 - 008212858 _____ C:\Users\Lukas\Downloads\WC (1).odt
2018-03-01 19:32 - 2018-03-01 19:32 - 008212858 _____ C:\Users\Lukas\Downloads\WC.odt
2018-02-28 20:36 - 2018-02-28 20:36 - 000067072 _____ C:\Users\Lukas\Downloads\PFEuropeanEquityTar_CZK_Hedged.xls
2018-02-20 11:56 - 2018-03-02 20:08 - 006472704 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0005.dll
2018-02-12 11:53 - 2018-02-12 11:53 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-02-12 11:52 - 2018-02-12 11:52 - 000000000 ___HD C:\Users\Lukas\MicrosoftEdgeBackups
2018-02-12 11:50 - 2018-02-12 11:50 - 000000020 ___SH C:\Users\Lukas\ntuser.ini
2018-02-12 07:31 - 2018-02-12 07:35 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-02-12 07:29 - 2018-02-12 07:31 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-02-12 07:29 - 2018-02-12 07:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-02-12 07:26 - 2018-02-12 07:26 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-02-12 07:26 - 2018-02-12 07:26 - 000000000 ____D C:\Program Files\MSBuild
2018-02-12 07:26 - 2018-02-12 07:26 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-02-12 07:26 - 2018-02-12 07:26 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-02-12 07:25 - 2017-09-29 00:50 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-02-12 07:25 - 2017-09-29 00:50 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-02-12 07:25 - 2017-09-29 00:50 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-02-12 07:25 - 2017-09-23 03:19 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-02-12 07:25 - 2017-09-23 03:19 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-02-12 07:25 - 2017-09-23 03:19 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-02-11 23:03 - 2018-03-06 21:13 - 000004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C9F9CABB-2AB3-4E64-84D7-E3E2D1DA9889}
2018-02-11 23:03 - 2018-03-06 20:31 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-02-11 23:03 - 2018-03-06 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-11 23:03 - 2018-02-28 10:29 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-11 23:03 - 2018-02-11 23:03 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-11 23:03 - 2018-02-11 23:03 - 000003358 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1474487644
2018-02-11 23:03 - 2018-02-11 23:03 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-11 23:03 - 2018-02-11 23:03 - 000002938 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1192977186-3134455343-320431860-1001
2018-02-11 23:03 - 2018-02-11 23:03 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1192977186-3134455343-320431860-1001
2018-02-11 23:03 - 2018-02-11 23:03 - 000002822 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2018-02-11 23:03 - 2018-02-11 23:03 - 000002516 _____ C:\WINDOWS\System32\Tasks\HPLJCustParticipation
2018-02-11 23:03 - 2018-02-11 23:03 - 000002438 _____ C:\WINDOWS\System32\Tasks\Lenovo App Services
2018-02-11 23:03 - 2018-02-11 23:03 - 000002386 _____ C:\WINDOWS\System32\Tasks\{A75BA8D5-80EA-4D4F-884D-75D1B67EE1D8}
2018-02-11 23:03 - 2018-02-11 23:03 - 000002318 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1192977186-3134455343-320431860-500
2018-02-11 23:03 - 2018-02-11 23:03 - 000002314 _____ C:\WINDOWS\System32\Tasks\DolbySelectorTask
2018-02-11 23:03 - 2018-02-11 23:03 - 000002270 _____ C:\WINDOWS\System32\Tasks\{07C11F2A-1287-4984-9225-D2BC4AAA2778}
2018-02-11 23:03 - 2018-02-11 23:03 - 000002256 _____ C:\WINDOWS\System32\Tasks\PDVDServ Task
2018-02-11 23:03 - 2018-02-11 23:03 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-02-11 23:03 - 2018-02-11 23:03 - 000002098 _____ C:\WINDOWS\System32\Tasks\CMPCUAC
2018-02-11 23:03 - 2018-02-11 23:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2018-02-11 23:03 - 2018-02-11 23:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-02-11 23:03 - 2018-02-11 23:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-02-11 23:03 - 2018-02-11 23:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2018-02-11 23:03 - 2018-02-11 23:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-02-11 23:03 - 2014-12-10 03:09 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2943985629-2717472603-367765836-500
2018-02-11 23:01 - 2018-02-11 23:03 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-02-11 23:01 - 2018-02-11 23:03 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-02-11 22:58 - 2018-03-06 17:52 - 002660048 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-11 22:50 - 2018-02-11 22:50 - 000000000 ____D C:\ProgramData\USOShared
2018-02-11 22:48 - 2018-02-11 22:48 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-02-11 22:45 - 2018-03-05 13:59 - 000000000 ____D C:\Users\Lukas\AppData\Local\Packages
2018-02-11 22:44 - 2018-03-06 17:47 - 000000000 ____D C:\Users\Lukas
2018-02-11 22:42 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-02-11 22:39 - 2018-03-06 21:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-11 22:39 - 2018-03-02 20:07 - 000471752 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-11 17:19 - 2018-02-28 19:54 - 000000000 ____D C:\Users\Lukas\Desktop\JaT banka
2018-02-09 07:31 - 2018-01-09 16:44 - 000108584 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-06 21:14 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-06 17:57 - 2016-11-26 15:51 - 000121798 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2018-03-06 17:52 - 2016-08-18 05:54 - 001198468 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-06 17:52 - 2016-08-18 05:54 - 000284698 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-06 17:48 - 2016-08-17 20:05 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-03-06 17:48 - 2015-10-17 06:55 - 000000000 __SHD C:\Users\Lukas\IntelGraphicsProfiles
2018-03-06 17:46 - 2016-08-17 20:01 - 000153336 _____ C:\WINDOWS\system32\wpbbin.exe
2018-03-06 17:46 - 2016-08-17 20:01 - 000111088 _____ (Lenovo (Beijing) Limited) C:\WINDOWS\system32\LenovoCheck.exe
2018-03-06 17:46 - 2016-08-17 20:01 - 000026608 _____ (Lenovo) C:\WINDOWS\system32\LenovoUpdate.exe
2018-03-06 17:38 - 2017-11-19 19:49 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-06 17:38 - 2017-09-13 15:48 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-06 17:38 - 2017-03-18 11:59 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-06 17:38 - 2017-03-18 11:59 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-06 17:38 - 2017-03-18 11:59 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-06 17:38 - 2017-03-18 11:59 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-06 17:38 - 2016-09-21 20:52 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-06 15:22 - 2017-09-17 19:33 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Seznam.cz
2018-03-06 15:22 - 2017-09-17 19:33 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2018-03-06 12:48 - 2016-09-06 19:25 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-03-06 12:44 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-03-06 12:43 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-06 12:40 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-06 12:02 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-06 11:29 - 2015-05-27 02:21 - 000000000 ____D C:\ProgramData\Lenovo App Services
2018-03-06 11:00 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-05 17:44 - 2015-05-27 02:23 - 000000000 ____D C:\ProgramData\McAfee
2018-03-05 13:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-05 13:56 - 2016-11-02 21:31 - 000000000 ____D C:\Users\Lukas\Downloads\Setup Fotolab Fotosvet
2018-03-05 13:56 - 2016-01-05 21:58 - 000000000 ____D C:\Users\Lukas\Downloads\sldim
2018-03-05 13:50 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\com
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2018-03-05 13:44 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-03-05 13:44 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-03-05 13:44 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing
2018-03-05 13:44 - 2016-08-18 05:54 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2018-03-05 13:44 - 2016-08-18 05:54 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2018-03-05 13:44 - 2016-08-18 05:53 - 000000000 ____D C:\WINDOWS\SysWOW64\cs
2018-03-05 13:44 - 2016-08-18 05:53 - 000000000 ____D C:\WINDOWS\system32\cs
2018-03-05 13:06 - 2015-12-02 20:53 - 000000000 ____D C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-05 13:06 - 2015-12-02 20:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-03-05 12:41 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-03-03 17:40 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-03 17:36 - 2015-05-27 02:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-03 17:35 - 2015-11-21 21:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-03-01 11:25 - 2016-09-06 19:25 - 000001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2018-03-01 11:25 - 2016-09-06 19:25 - 000001039 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2018-02-28 19:30 - 2015-11-03 09:27 - 000002312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-28 19:30 - 2015-11-03 09:27 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-25 10:06 - 2015-12-21 17:05 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-18 17:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-02-18 09:41 - 2018-01-01 14:11 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-02-13 17:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-02-13 17:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2018-02-12 11:52 - 2016-08-17 20:32 - 000000000 ____D C:\Users\Lukas\AppData\Local\ConnectedDevicesPlatform
2018-02-12 11:51 - 2016-01-29 09:26 - 000000000 ___RD C:\Users\Lukas\3D Objects
2018-02-12 11:51 - 2015-11-09 12:17 - 000000000 ____D C:\Users\Lukas\AppData\Local\TileDataLayer
2018-02-12 11:51 - 2015-09-10 06:42 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-12 11:49 - 2015-11-09 20:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-02-12 07:39 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-02-12 07:35 - 2017-09-29 18:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2018-02-12 07:35 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-02-12 07:35 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-02-12 07:35 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\IME
2018-02-12 07:35 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-02-12 07:35 - 2017-09-25 19:23 - 000000000 ____D C:\WINDOWS\SysWOW64\shxfont
2018-02-12 07:35 - 2017-09-25 19:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoDWG
2018-02-12 07:35 - 2017-09-23 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-02-12 07:35 - 2017-09-17 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-02-12 07:35 - 2017-04-19 16:02 - 000000000 ____D C:\Program Files\UNP
2018-02-12 07:35 - 2016-08-17 20:06 - 000000000 ____D C:\Program Files\AMD
2018-02-12 07:35 - 2016-08-17 20:05 - 000000000 ____D C:\Program Files\Intel
2018-02-12 07:35 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-12 07:35 - 2016-07-06 20:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2018-02-12 07:35 - 2016-07-06 18:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2018-02-12 07:35 - 2016-06-23 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2018-02-12 07:35 - 2016-03-10 12:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-02-12 07:35 - 2016-01-02 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-02-12 07:35 - 2015-05-27 02:22 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-02-12 07:35 - 2015-05-27 02:04 - 000000000 ____D C:\WINDOWS\SysWOW64\Lenovo
2018-02-12 07:35 - 2015-05-27 02:04 - 000000000 ____D C:\WINDOWS\system32\Lenovo
2018-02-12 07:35 - 2015-05-27 02:04 - 000000000 ____D C:\Program Files (x86)\Lenovo
2018-02-12 07:35 - 2015-05-27 02:03 - 000000000 ____D C:\Program Files\Lenovo
2018-02-12 07:35 - 2015-05-27 01:55 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2018-02-12 07:35 - 2015-05-27 01:49 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-02-12 07:35 - 2015-05-27 01:34 - 000000000 ____D C:\ProgramData\Lenovo
2018-02-12 07:35 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2018-02-12 07:35 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2018-02-12 07:32 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-02-12 07:32 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-02-12 07:32 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-02-12 07:32 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-02-12 07:32 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-02-12 07:32 - 2017-09-29 15:41 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-02-12 07:32 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-02-12 07:32 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-02-12 07:32 - 2016-08-18 05:53 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-02-12 07:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-02-12 07:31 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2018-02-12 07:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-12 07:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2018-02-12 07:31 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-12 07:31 - 2016-08-17 20:06 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-02-12 07:31 - 2016-08-17 20:05 - 000000000 ____D C:\Program Files\Realtek
2018-02-12 07:31 - 2016-01-05 22:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
2018-02-12 07:26 - 2017-12-14 02:33 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-02-11 23:06 - 2017-09-04 20:07 - 000002126 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-02-11 23:06 - 2017-09-04 20:07 - 000002124 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-02-11 23:06 - 2017-09-04 20:07 - 000002114 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-02-11 23:06 - 2017-09-04 20:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-02-11 23:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-02-11 23:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2018-02-11 23:01 - 2015-05-27 01:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2018-02-11 23:00 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2018-02-11 23:00 - 2015-11-09 11:47 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-02-11 22:59 - 2015-05-27 01:51 - 000894980 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-02-11 22:50 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2018-02-11 22:43 - 2016-08-17 20:06 - 000000000 ____D C:\Program Files\Elantech
2018-02-11 22:43 - 2016-08-17 20:05 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-02-11 22:43 - 2015-05-27 01:48 - 000000000 ___HD C:\Intel
2018-02-11 22:41 - 2016-08-17 20:05 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-02-11 21:50 - 2017-09-17 22:12 - 000000000 ____D C:\Users\Lukas\Desktop\stavba RD - bungalov
2018-02-09 07:24 - 2017-09-29 20:01 - 000000000 ____D C:\Program Files\rempl
2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-10-23 18:24 - 2017-10-23 18:24 - 000000285 _____ () C:\ProgramData\fontcacheev1.dat
2016-07-28 15:42 - 2016-07-28 15:42 - 000000210 _____ () C:\Users\Lukas\AppData\Roaming\LENOVO-PC.MTBF.txt
2016-10-06 18:07 - 2017-01-30 19:07 - 000000226 _____ () C:\Users\Lukas\AppData\Roaming\WB.CFG
2016-07-28 15:43 - 2016-07-28 15:43 - 000003584 _____ () C:\Users\Lukas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2018-03-06 15:22 - 2018-03-06 15:22 - 000534528 _____ () C:\Users\Lukas\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-03-05 12:10

==================== End of FRST.txt ============================

tRaviss
Level 2.5
Posts: 315
Registered: December 14
Gender: Male
Status: Offline

Re: Please check my log

Post by tRaviss » 06 Mar 2018 21:18

I'm going to take a look at the disk to see what state it's in.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Lukas (06-03-2018 21:16:19)
Running from C:\Users\Lukas\Desktop
Windows 10 Home Version 1709 16299.125 (X64) (2018-02-11 22:04:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1192977186-3134455343-320431860-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1192977186-3134455343-320431860-503 - Limited - Disabled)
Guest (S-1-5-21-1192977186-3134455343-320431860-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1192977186-3134455343-320431860-1003 - Limited - Enabled)
Lukas (S-1-5-21-1192977186-3134455343-320431860-1001 - Administrator - Enabled) => C:\Users\Lukas
WDAGUtilityAccount (S-1-5-21-1192977186-3134455343-320431860-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{AB8CFF9F-8E45-09D6-CFC7-008ACBE150CA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Autodesk Design Review 2013 (HKLM-x32\...\{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}) (Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
CrystalDiskInfo 7.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
DWGSee Pro 2017 (HKLM-x32\...\{95EBD9FE-2F20-454A-84FC-6D22A8978A0A}) (Version: 4.43 - AutoDWG)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
HP LaserJet Pro MFP M125-M126 (HKLM-x32\...\{c65448bc-e467-4ec7-b4a5-246697f52957}) (Version: 8.0.14087.1054 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.002.004 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{62022DCB-BA92-4EC2-AE03-9B946E4DBF12}) (Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM126DSService (HKLM-x32\...\{9A0C3AE6-A6C3-46C4-95A5-E3745CCE3D57}) (Version: 001.001.08254 - Hewlett-Packard) Hidden
HPDXP (HKLM-x32\...\{0BFDA228-F4D0-42C0-90B2-8C47F147AEB1}) (Version: 3.0.26.59 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{5E4DD8C2-A906-4F1B-94B6-4F6A51D625B2}) (Version: 060.048.005 - HP) Hidden
HPLJProMFPM125M126 (HKLM-x32\...\{B2894225-82C7-4006-B243-6272589993B2}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
HPLJUTM125_126 (HKLM-x32\...\{9E7CB788-5C1F-4A18-95AA-8F4B1618A80C}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{6470E292-3B55-41DC-B5EB-91C34C5ACB5D}) (Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM125-M126 (HKLM-x32\...\{581A9CCB-1AD7-4BB4-A698-590305F773FB}) (Version: 080.046.00113 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{f5d71765-7cd1-4e68-998f-5b379e725da3}) (Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.6.3.1001 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{03929cf1-3ae4-4765-b8b3-32b8e2e26a8d}) (Version: 19.60.0 - Intel Corporation)
Lenovo App Services (HKLM\...\Lenovo App Services) (Version: 0.200.8.268 - Lenovo)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11070 - Realtek Semiconductor Corp.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo Patch Utility (HKLM-x32\...\{E8F27ADF-B1ED-41AF-A7EF-D5E71778480C}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{49A09C2C-FFF4-478E-B397-5E0979F67F5D}) (Version: 1.3.2.6 - Lenovo Group Limited) Hidden
Lenovo Solution Center (HKLM\...\{C1FC707B-AE6B-4DC4-89A5-6628A01F8103}) (Version: 3.3.003.00 - Lenovo)
LJDXPHelperUI (HKLM-x32\...\{EAECD0D7-F27D-4F13-8312-A9C0B5C5F1B7}) (Version: 060.048.005 - HP) Hidden
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.9029.2167 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden
PX Profile Update (HKLM-x32\...\{5FE401F0-EA32-4E7C-8D10-72EE152A4601}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{FA9E372D-C616-FF72-0564-2936CF7D1708}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7469 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-03-06] ()
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2012-01-06] (Autodesk, Inc.)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers1-x32: [DWGSeeMenu] -> {A6EAF440-149E-4AF3-AE84-5DA3CF791E3B} => C:\Program Files (x86)\AutoDWG\DWGSee Pro 2017\DWGSeeMenu64.dll [2012-07-13] (TODO: <Company name>)
ContextMenuHandlers1-x32: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-07-21] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-23] (Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-03-06] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-06] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00038044-F93B-4500-9448-52E2B7B6517B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {00D02C46-96D0-4BDE-9FB0-A6AEB931E943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {089D91DA-29C9-4C60-863D-24118D2A4E28} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {08CBD59A-607C-4B0B-B79B-41BEFDF773E5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-02] (Microsoft Corporation)
Task: {0D127BDC-7001-4CA2-A648-D556AC8913B3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {0FBAAC8A-A58B-4B58-9FF3-B1C77DE429C7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {16A151F1-C51F-4A7B-997F-E7023A098DD9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-06] (AVAST Software)
Task: {17DF3949-E233-45E4-9431-1050B5AA2D18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {199D2864-011C-4D68-8966-AB36B3D1ACC8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1A6FE555-7EE3-4AD3-95AE-155D9756914F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-02] (Microsoft Corporation)
Task: {1B3B3FAF-2E60-4522-A059-D3AEDAF03971} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-01-28] (Hewlett Packard)
Task: {1DF8D4A8-DFC3-43F9-8D91-9322EDB22999} - System32\Tasks\CMPCUAC => C:\Program Files\CleanMyPC\CleanMyPC.exe
Task: {3500150D-8AC7-4702-8EA0-115FC21D723F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {35480374-D3CE-43B7-B3F3-7F50B7AAFB74} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3571DAE2-7921-4334-B502-6B10AAB3F4FF} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3cd7e330-00e1-42ae-8746-c9f149067984 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {3612C36C-70DD-4E32-8AB2-C0594DE84C12} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9a6b6f98-def6-4c77-980d-06183314db85 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {3FF89895-3CD9-48E9-A6D7-5AF001160327} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-06-02] (Lenovo)
Task: {411EA69C-07B3-4C50-91FB-E49F538F46DE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5f5d4cc7-e08b-43d4-b89c-12371c626ae9 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {42E6B9AC-2E88-412F-974F-7E227416E076} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4D7FD30A-04AE-4C90-A64A-BF58C525543C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {4EC0B062-DF17-46F4-A35C-C404CE2BB8CB} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {4EC240A6-BCA9-4F89-842A-78602EC4BC73} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {5469A665-074B-4E80-B4A7-B036E689B648} - System32\Tasks\SafeZone scheduled Autoupdate 1474487644 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {59427854-B799-4918-9666-B2651D0020F4} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Lukas\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {5AACADC5-4DD4-4527-88A6-7F0F049F75C4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-12-10] (Lenovo)
Task: {63AF44BC-87B1-4ED4-B4B3-DEEBEC73D508} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5bf71ce9-6c93-4cde-996b-e07bd73b2ae3 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-11-12] (Lenovo Group Limited)
Task: {65A18397-3DFA-4A98-A24D-6F5269E0424B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-06-02] ()
Task: {6B887890-D2CF-447B-AC63-14D94D222996} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-02] (Microsoft Corporation)
Task: {713AACCB-419C-4553-8E5D-819EFB91B37A} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-06-02] (Lenovo)
Task: {74F3A5BB-578E-4C5E-8C3B-680BDCC50BA8} - System32\Tasks\{A75BA8D5-80EA-4D4F-884D-75D1B67EE1D8} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\THQ\Company of Heroes\RelicCOH -minvidmem 0.exe" -d "C:\Program Files (x86)\THQ\Company of Heroes"
Task: {7C483C08-2A49-4085-906E-F9B14254F002} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-03-02] (Microsoft Corporation)
Task: {823567DF-F14F-415A-8E7B-12C9588D3875} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {98089AEC-8106-4C36-B30E-00F47D755135} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {9F01E896-DB3A-4548-95CC-D0EE72CAA637} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {A2157243-8C5B-4D59-872D-B9E9FDA72645} - System32\Tasks\Lenovo App Services => C:\ProgramData\Lenovo App Services\Engine\LenovoAppServices.exe [2016-10-06] (Lenovo)
Task: {A241717E-33D6-4ECE-879C-7B33BFE35A1B} - System32\Tasks\{07C11F2A-1287-4984-9225-D2BC4AAA2778} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\High Quality Photo Resizer\unins000.exe"
Task: {A396858B-D7B9-43C2-B96F-46FC2F5EDE2E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {A4DFF03D-35E9-4405-A34E-F9B7BA5CAEC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {A8E36B79-39A3-4FA9-A48F-3BA0C5245A82} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe
Task: {A9B3E8DB-0139-4C85-B824-C753EA258B71} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-16] (AVAST Software)
Task: {B9F7753F-C163-4475-A4D2-206503B62A44} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
Task: {C2DEC4B3-A619-472F-935D-11A41B87AE88} - \WPD\SqmUpload_S-1-5-21-1192977186-3134455343-320431860-1001 -> No File <==== ATTENTION
Task: {C4DF238E-14D3-4C8D-96EF-9F48E4B9E6E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {DB5AE3DC-989F-4051-9BD2-8166CC46E094} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {E21F2FD3-76BC-48FE-8410-4D844B755026} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation)
Task: {F565C5BC-AD2D-4A0C-B3C4-A277E31B26F9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F7C2FE3A-3912-4DC0-A785-2138C0C74002} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-04-23 21:28 - 2017-04-23 21:28 - 000401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-12-14 02:33 - 2017-12-14 02:33 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 02:33 - 2017-12-14 02:33 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-05 10:26 - 2018-03-05 10:27 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-05 10:26 - 2018-03-05 10:27 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-05 10:26 - 2018-03-05 10:28 - 021824000 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-05 10:26 - 2018-03-05 10:27 - 002529792 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\skypert.dll
2018-03-05 10:26 - 2018-03-05 10:27 - 000649216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1807.264.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-02-07 19:03 - 2018-02-07 19:03 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-07 19:03 - 2018-02-07 19:04 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2014-10-10 17:37 - 2014-10-10 17:37 - 001243936 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-03-06 11:11 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1192977186-3134455343-320431860-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lukas\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{94abe63d-4f7f-400c-8669-9cc8e5cf5b7a}.JPG
DNS Servers: 10.0.0.1 - 10.0.0.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run: => "LenovoUtility"
HKLM\...\StartupApproved\Run: => "LMCSSTART2"
HKLM\...\StartupApproved\Run: => "LMCSSTART1"
HKLM\...\StartupApproved\Run: => "LMCSSTART3"
HKLM\...\StartupApproved\Run: => "OneKeyOptimizer"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "AvastUI.exe"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "StatusAlerts"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3128DCFD-4C61-4DC2-864A-B902F0B00B19}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{012BA816-FC5A-484D-BEAC-083501EC7F34}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D0C09580-0F95-4BE9-9FCB-919103767DBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{F5AE7DF9-B0B5-4897-9977-4833EC224E22}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A59491E4-2054-4A64-A93B-182BD0F21880}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BA25832E-58C1-478C-A821-36620E595F9B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{AB0EBEC3-ADA2-476E-9DA1-96F196E8151C}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{7710F8CB-8448-457C-B8EB-E09F33FB6574}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{959CFEE9-88F6-43AE-A2FA-D90F34CFC3BD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{18E73467-3E1D-478F-A990-ACA2C191F7B6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{08F3B9AC-AEB1-4D83-9C76-6710255A5CD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{64BEA968-64E2-4B9B-96D2-6EC1F73DEFA4}] => (Allow) LPort=55100
FirewallRules: [{B0949A05-69F2-4323-A160-5AD0B5B02263}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe
FirewallRules: [{154353CB-728D-4193-869F-2D93131A3002}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2B576054-96D0-4B8F-9571-41DE6B993B0C}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M125-M126\bin\EWSProxy.exe
FirewallRules: [{FAAABB2C-DD75-48D1-B78D-9DEEA911ACFF}] => (Block) C:\Windows\explorer.exe
FirewallRules: [TCP Query User{862AFEE9-D1F8-4C57-A79A-F63D146A2CE9}C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe] => (Allow) C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe
FirewallRules: [UDP Query User{C94B37FB-E534-46FA-A0AA-A954A63D9250}C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe] => (Allow) C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe
FirewallRules: [TCP Query User{9A02B8BE-66A2-4EC2-A70B-9AE198DBD982}C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe] => (Allow) C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe
FirewallRules: [UDP Query User{A9CFDBB6-6D74-40D0-9CFA-667901D26DA2}C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe] => (Allow) C:\program files (x86)\thq\company of heroes\reliccoh -minvidmem 0.exe
FirewallRules: [{7771FC7D-B0E8-4F1B-80AF-DA1A86286535}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8C851DE1-DE26-41ED-8641-8109B0737FB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{9F57143F-6B8F-4EF4-88FC-9B3C400E5100}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1754E762-F7EE-4B2B-86E8-9E3C1B747295}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{75FAE7DA-7593-4D70-BCE6-42DD3B923409}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2018 08:35:23 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Access is denied.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bb8628d5-b4aa-4b32-af8a-4ed28f7b1702}

Error: (03/06/2018 07:47:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LENOVO-PC)
Description: Balíček Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/06/2018 05:47:02 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (03/06/2018 05:40:45 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, The handle is invalid.
.


Operation:
Executing Asynchronous Operation

Context:
Current State: DoSnapshotSet

Error: (03/06/2018 05:39:36 PM) (Source: lupdate) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/06/2018 03:05:55 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (03/06/2018 03:05:42 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed

Error: (03/06/2018 01:45:52 PM) (Source: ATIeRecord) (EventID: 16396) (User: )
Description: ATI EEU PnP start/stop failed


System errors:
=============
Error: (03/06/2018 09:13:18 PM) (Source: DCOM) (EventID: 10016) (User: LENOVO-PC)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Lenovo-PC\Lukas (SID: S-1-5-21-1192977186-3134455343-320431860-1001) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/06/2018 07:49:18 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Server Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2018 06:34:31 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2018 05:59:47 PM) (Source: DCOM) (EventID: 10010) (User: LENOVO-PC)
Description: Server Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/06/2018 05:58:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Storage Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/06/2018 05:58:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby StorSvc bylo dosaženo časového limitu (30000 ms).

Error: (03/06/2018 05:58:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Client License Service (ClipSVC) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (03/06/2018 05:58:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Client License Service (ClipSVC) bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2018-03-06 18:19:43.269
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.223.1351.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12805.0
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2018-03-06 18:19:42.925
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.223.1351.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12805.0
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2018-03-06 18:19:37.059
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.223.1351.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12805.0
Kód chyby: 0x80240438
Popis chyby :An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-03-06 18:10:14.105
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.223.1351.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.12805.0
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

Date: 2018-03-06 18:10:14.089
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 116.3.0.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Systém kontroly sítě
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 2.1.12706.0
Kód chyby: 0x80072ee7
Popis chyby :The server name or address could not be resolved

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 26%
Total physical RAM: 8105.84 MB
Available physical RAM: 5951.45 MB
Total Virtual: 16297.84 MB
Available Virtual: 13859.52 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.15 GB) (Free:789.71 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.07 GB) NTFS

\\?\Volume{8fa94b7e-841b-40e1-aaf0-23e29003062b}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{c09622f8-038d-4e91-a3f1-8756b08e5dbe}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{d1194e4b-4d8d-476c-955b-727c8b24a8e8}\ (PBR_DRV) (Fixed) (Total:13.03 GB) (Free:3.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EA333EA0)

Partition: GPT.

==================== End of Addition.txt ============================


Post by tRaviss » 06 Mar 2018 22:09

I unplugged the disk, blew the dust out of it a bit, and I still have Command Timeout 000000000001 there.


Post by jaro3 » 06 Mar 2018 22:22

OK.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
CHR HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\fontcacheev1.dat
C:\Users\Lukas\AppData\Roaming\WB.CFG
C:\Users\Lukas\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {00038044-F93B-4500-9448-52E2B7B6517B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {00D02C46-96D0-4BDE-9FB0-A6AEB931E943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {089D91DA-29C9-4C60-863D-24118D2A4E28} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FBAAC8A-A58B-4B58-9FF3-B1C77DE429C7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {17DF3949-E233-45E4-9431-1050B5AA2D18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {199D2864-011C-4D68-8966-AB36B3D1ACC8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3500150D-8AC7-4702-8EA0-115FC21D723F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {35480374-D3CE-43B7-B3F3-7F50B7AAFB74} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4D7FD30A-04AE-4C90-A64A-BF58C525543C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {4EC240A6-BCA9-4F89-842A-78602EC4BC73} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {823567DF-F14F-415A-8E7B-12C9588D3875} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {98089AEC-8106-4C36-B30E-00F47D755135} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C2DEC4B3-A619-472F-935D-11A41B87AE88} - \WPD\SqmUpload_S-1-5-21-1192977186-3134455343-320431860-1001 -> No File <==== ATTENTION
Task: {DB5AE3DC-989F-4051-9BD2-8166CC46E094} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F565C5BC-AD2D-4A0C-B3C4-A277E31B26F9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

EmptyTemp:
End

(You can use the "Select all" function, then right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt

Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.

Then let me know whether it has improved.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by tRaviss » 06 Mar 2018 22:29

Still the same value for "Command Timeout"

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Lukas (06-03-2018 22:26:34) Run:1
Running from C:\Users\Lukas\Desktop
Loaded Profiles: Lukas (Available Profiles: Lukas)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL =
CHR HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\ProgramData\fontcacheev1.dat
C:\Users\Lukas\AppData\Roaming\WB.CFG
C:\Users\Lukas\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {00038044-F93B-4500-9448-52E2B7B6517B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {00D02C46-96D0-4BDE-9FB0-A6AEB931E943} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {089D91DA-29C9-4C60-863D-24118D2A4E28} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0FBAAC8A-A58B-4B58-9FF3-B1C77DE429C7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {17DF3949-E233-45E4-9431-1050B5AA2D18} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {199D2864-011C-4D68-8966-AB36B3D1ACC8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {3500150D-8AC7-4702-8EA0-115FC21D723F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {35480374-D3CE-43B7-B3F3-7F50B7AAFB74} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4D7FD30A-04AE-4C90-A64A-BF58C525543C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-03] (Google Inc.)
Task: {4EC240A6-BCA9-4F89-842A-78602EC4BC73} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {823567DF-F14F-415A-8E7B-12C9588D3875} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {98089AEC-8106-4C36-B30E-00F47D755135} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {C2DEC4B3-A619-472F-935D-11A41B87AE88} - \WPD\SqmUpload_S-1-5-21-1192977186-3134455343-320431860-1001 -> No File <==== ATTENTION
Task: {DB5AE3DC-989F-4051-9BD2-8166CC46E094} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F565C5BC-AD2D-4A0C-B3C4-A277E31B26F9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-1192977186-3134455343-320431860-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\ProgramData\fontcacheev1.dat => moved successfully
C:\Users\Lukas\AppData\Roaming\WB.CFG => moved successfully
C:\Users\Lukas\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe => moved successfully
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{00038044-F93B-4500-9448-52E2B7B6517B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00038044-F93B-4500-9448-52E2B7B6517B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00D02C46-96D0-4BDE-9FB0-A6AEB931E943}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00D02C46-96D0-4BDE-9FB0-A6AEB931E943}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{089D91DA-29C9-4C60-863D-24118D2A4E28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{089D91DA-29C9-4C60-863D-24118D2A4E28}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FBAAC8A-A58B-4B58-9FF3-B1C77DE429C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FBAAC8A-A58B-4B58-9FF3-B1C77DE429C7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17DF3949-E233-45E4-9431-1050B5AA2D18}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17DF3949-E233-45E4-9431-1050B5AA2D18}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{199D2864-011C-4D68-8966-AB36B3D1ACC8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{199D2864-011C-4D68-8966-AB36B3D1ACC8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3500150D-8AC7-4702-8EA0-115FC21D723F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3500150D-8AC7-4702-8EA0-115FC21D723F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35480374-D3CE-43B7-B3F3-7F50B7AAFB74}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35480374-D3CE-43B7-B3F3-7F50B7AAFB74}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D7FD30A-04AE-4C90-A64A-BF58C525543C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D7FD30A-04AE-4C90-A64A-BF58C525543C}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4EC240A6-BCA9-4F89-842A-78602EC4BC73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4EC240A6-BCA9-4F89-842A-78602EC4BC73}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{823567DF-F14F-415A-8E7B-12C9588D3875}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{823567DF-F14F-415A-8E7B-12C9588D3875}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{98089AEC-8106-4C36-B30E-00F47D755135}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98089AEC-8106-4C36-B30E-00F47D755135}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2DEC4B3-A619-472F-935D-11A41B87AE88}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2DEC4B3-A619-472F-935D-11A41B87AE88}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1192977186-3134455343-320431860-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DB5AE3DC-989F-4051-9BD2-8166CC46E094}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB5AE3DC-989F-4051-9BD2-8166CC46E094}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F565C5BC-AD2D-4A0C-B3C4-A277E31B26F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F565C5BC-AD2D-4A0C-B3C4-A277E31B26F9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\seznam-listicka-distribuce" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.autoupdate" => removed successfully
"HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => not found
"HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.szndesktop" => removed successfully
"HKU\S-1-5-21-1192977186-3134455343-320431860-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11748165 B
Java, Flash, Steam htmlcache => 12197410 B
Windows/system/drivers => 1740149 B
Edge => 0 B
Chrome => 48534843 B
Firefox => 0 B
Opera => 1277952 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 111902924 B
Lukas => 22981767 B

RecycleBin => 49947633 B
EmptyTemp: => 255.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-03-2018 22:27:48)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 22:27:48 ====


Post by jaro3 » 06 Mar 2018 23:02

And there are no other problems?