Černá Obrazovka

[Havlos]

Zdravím při spuštění Pc mě zustane černá obrazovka a vyskočí okno C:WINDOWS\RUN.VBS

A dostanu se jen do správce úloh

Poraďtě jak se toho zbavit

Díky

[altrok]

Hezky den,

nabootujte do nouzoveho rezimu a vytvorte logy z FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
Obsah obou logu (FRST.txt a Addition.txt) vlozte do sve pristi odpovedi.

[Havlos]

No právě že to děla i v nouzovém režimu.

Nějake rady ?

[altrok]

Nouzovych rezimu je nekolik a nechce se mi verit, ze by tento malware byl aktivni i v nouzovem rezimu s prikazovym radkem.

http://forum.viry.cz/viewtopic.php?f=24&t=130783

[Havlos]

Stále nejde ani s přikazovým řádkem

[altrok]

Jak vypadal nouzovy rezim s prikazovou radkou?
Vyfotte tedy alespon okno spravce uloh.
Klavesove zkratky funguji? Win+E, Win+R atd.

[Havlos]

Nejde mužu jen do správce úloh

[Havlos]

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017
Ran by Havlos (administrator) on HAVLOS-PC (14-01-2017 15:36:07)
Running from C:\Users\Havlos\Downloads
Loaded Profiles: Havlos (Available Profiles: Havlos)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Lavasoft Limited                                                  ) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Program Files (x86)\HDD Health\HDDHealthService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
(Memeo) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(BitTorrent, Inc.) C:\Users\Havlos\AppData\Roaming\uTorrent\utorrent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\scrcons.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\olicenseheartbeat.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-06] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SmartGenius] => C:\Users\Havlos\AppData\Local\SmartGenius\SGStartup.exe [505856 2016-11-26] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3521424 2012-05-04] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296096 2012-09-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [boinctray] => C:\Program Files (x86)\BOINC\boinctray.exe [71312 2014-03-07] (Charity Engine)
HKLM-x32\...\Run: [boincmgr] => C:\Program Files (x86)\BOINC\charityengine.exe [3757712 2014-03-07] (Charity Engine)
HKLM\...\Winlogon: [Userinit] C:\Windows\userinit.exe
HKLM-x32\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs, [X]
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [KiesHelper] => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [955792 2012-05-04] (Samsung)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21392 2012-05-04] ()
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2851408 2016-07-09] (Valve Corporation)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [MSIDLL] => C:\Windows\SysWOW64\rundll32.exe msifks32.dll,XzXRQcUSq
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Havlos\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Havlos\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1843864 2016-12-21] (Lavasoft)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [458456 2014-12-19] (ZONER software)
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [SmartGenius] => C:\Users\Havlos\AppData\Local\SmartGenius\SGStartup.exe [505856 2016-11-26] ()
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [SmartHID] => C:\Users\Havlos\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe [771584 2016-11-26] ()
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Run: [msiql] => C:\Users\Havlos\AppData\Local\Temp\00017139\msiql.exe [2071552 2017-01-14] () <===== ATTENTION
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\system: [ConsentPromptBehaviorAdmin] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\system: [PromptOnSecureDesktop] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\MountPoints2: H - King Arthur - Fallen Champions.exe
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\MountPoints2: {1cb8d439-983e-11e0-8d88-1c6f65a33abd} - "J:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\MountPoints2: {a4eef0fb-f7a6-11e3-a85d-1c6f65a33abd} - G:\LGAutoRun.exe
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\MountPoints2: {dba54fc0-a591-11e0-b2da-806e6f6e6963} - H:\setup.exe
HKU\S-1-5-18\...\Run: [] => 0
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellExecuteHooks: No Name - {207C127A-D3FB-11E6-8819-64006A5CFC35} - C:\Users\Havlos\AppData\Roaming\Grozogh\Kgitraceent.dll [148480 2017-01-14] ()
ShellExecuteHooks: No Name - {5F51FFFE-7463-4220-B711-E5B9ACB8EDFE} - C:\ProgramData\igfxDH.dll [965120 2016-12-26] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2012-12-24]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDDMStatus.lnk [2011-06-24]
ShortcutTarget: WDDMStatus.lnk -> C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe (WDC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WDSmartWare.lnk [2011-06-24]
ShortcutTarget: WDSmartWare.lnk -> C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
Startup: C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Game Alarm.lnk [2012-12-14]
ShortcutTarget: Game Alarm.lnk -> C:\Games\Game Alarm\gamealarm.exe (Europe Support Ltd. N.V.)
Startup: C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runjar.bat [2012-02-21] ()
BootExecute: autocheck autochk * sh4native Sh4Removalsdnclean64.exe
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll No File 
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll No File 
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll No File 
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll No File 
Winsock: Catalog9 15 C:\Windows\system32\LavasoftTcpService.dll No File 
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-07-01] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-07-01] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-07-01] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-07-01] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2016-07-01] (Lavasoft Limited)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.12.0.1 10.6.0.1
Tcpip\..\Interfaces\{32B10F0A-A5F5-44AD-8088-21B39C0C38CF}: [DhcpNameServer] 10.12.0.1 10.6.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=cs&pid=NIS&pvid=21.7.0.11
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=cs&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=cs&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=cs&pid=NIS&pvid=21.7.0.11
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://securityresponse.symantec.com/avcenter/fix_homepage/
HKU\S-1-5-21-573710485-1513062138-4064015244-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz
URLSearchHook: HKLM-x32 -> Default = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - (No Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - No File
URLSearchHook: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll No File
URLSearchHook: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
URLSearchHook: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 - (No Name) - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - No File
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
SearchScopes: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 -> {8E398E8F-338E-49fe-AD77-AD4838ABB6F9} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
SearchScopes: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 -> {B95882D9-869D-4687-B66F-40C2903B78B4} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
SearchScopes: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = 
SearchScopes: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 -> {F68BD9AE-318C-40d1-A66C-21E791987231} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-10-11] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-09-20] (RealPlayer)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-07-26] (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2011-10-15] (CANON INC.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-01] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-01] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2011-10-15] (CANON INC.)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKU\S-1-5-21-573710485-1513062138-4064015244-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-09-23] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll [2011-12-16] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-12-16] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Havlos\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\ux64od1u.default-1464672417803\Profiles\ux64od1u.default-1464672417803 [not found]
FF ProfilePath: C:\Users\Havlos\AppData\Roaming\Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803 [2017-01-14]
FF user.js: detected! => C:\Users\Havlos\AppData\Roaming\Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803\user.js [2016-07-18]
FF NewTab: Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803 -> hxxp://www.nicesearches.com?type=hp&ts=1468849650&from=43110715&uid=samsungxhd154ui_s1y6j1ls806597&z=c7cfcf350662ec8f86fe1cdgbz0qdb7b7z2t8q6w1w
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803 -> nice 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803 -> nice 
FF Homepage: Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803 -> hxxp://www.nicesearches.com?type=hp&ts=1468849650&from=43110715&uid=samsungxhd154ui_s1y6j1ls806597&z=c7cfcf350662ec8f86fe1cdgbz0qdb7b7z2t8q6w1w
FF Extension: (Tab Auto Reload) - C:\Users\Havlos\AppData\Roaming\Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803\Extensions\TabAutoReload@schuzak.jp.xpi [2017-01-10]
FF SearchPlugin: C:\Users\Havlos\AppData\Roaming\Mozilla\Firefox\Profiles\ux64od1u.default-1464672417803\searchplugins\tuyazueu.xml [2017-01-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-05] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2014-04-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-10-24] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-12-08] (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-09-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-09-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-09-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-09-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-09-20] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-573710485-1513062138-4064015244-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-12-08] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-09-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-09-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-09-20] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2011-12-09] (Nullsoft, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [egnimkioipookhfihpljiedpgjffibpa] - C:\Program Files (x86)\MyBrowserCash\MBC_chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-09-20]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-11-20] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2016-11-01] (Microsoft Corporation)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [72640 2012-06-07] () [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [1737728 2012-09-22] (Lavasoft Limited                                                  ) [File not signed]
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-12-21] (Lavasoft Limited)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120712 2016-05-25] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25232 2016-12-21] ()
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [129536 2009-11-13] (WDC) [File not signed]
R2 WDSmartWareBackgroundService; C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [20480 2009-06-16] (Memeo) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] () [File not signed]
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2009-12-22] (Devguru Co., Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-07-28] ()
R3 gFilterMouUsb; C:\Windows\System32\DRIVERS\gFilterMouUsb.sys [32472 2016-11-26] ()
R3 gKbdfltr; C:\Windows\System32\DRIVERS\gKbdfltr.sys [26472 2016-11-26] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-07-09] ()
R3 ioFakDrv; C:\Windows\System32\DRIVERS\ioFakDrv.sys [35928 2016-11-26] (KYE System Corp.)
R3 ioFakMap; C:\Windows\System32\DRIVERS\ioFakMap.sys [24664 2016-11-26] (KYE System Corp.)
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-04-26] (Lavasoft AB)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-11-04] (Duplex Secure Ltd.)
S3 ss_bserd; C:\Windows\System32\DRIVERS\ss_bserd.sys [128000 2009-09-19] (MCCI Corporation)
U3 atqp4bkf; C:\Windows\System32\Drivers\atqp4bkf.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
S3 esgiguard; \??\C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\esgiguard.sys [X]
R3 Lavasoft Kernexplorer; \??\C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
U0 sr; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-14 15:36 - 2017-01-14 15:37 - 00033080 _____ C:\Users\Havlos\Downloads\FRST.txt
2017-01-14 15:36 - 2017-01-14 15:36 - 00000000 ____D C:\FRST
2017-01-14 15:35 - 2017-01-14 15:35 - 02419200 _____ (Farbar) C:\Users\Havlos\Downloads\FRST64.exe
2017-01-14 15:35 - 2017-01-14 15:35 - 01761280 _____ (Farbar) C:\Users\Havlos\Downloads\FRST.exe
2017-01-14 13:51 - 2017-01-14 15:00 - 00504100 _____ C:\Windows\ntbtlog.txt
2017-01-14 13:19 - 2017-01-14 15:20 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2017-01-14 13:19 - 2017-01-14 15:19 - 00001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-14 13:19 - 2017-01-14 15:19 - 00001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-14 13:19 - 2017-01-14 13:19 - 00514536 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-14 11:06 - 2017-01-14 11:06 - 00003596 _____ C:\Windows\System32\Tasks\Online Application v2 Guard
2017-01-14 11:06 - 2017-01-14 11:06 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Softlink
2017-01-14 11:06 - 2017-01-14 11:06 - 00000000 ____D C:\ProgramData\Avira
2017-01-14 11:06 - 2017-01-14 11:06 - 00000000 ____D C:\Program Files\żěŃą
2017-01-14 11:05 - 2017-01-14 11:06 - 00000000 ____D C:\Users\Havlos\AppData\Local\app
2017-01-14 11:05 - 2017-01-14 11:06 - 00000000 ____D C:\Program Files (x86)\Grekesy_
2017-01-14 11:05 - 2017-01-14 11:05 - 00003654 _____ C:\Windows\System32\Tasks\Online Application Updater
2017-01-14 11:05 - 2017-01-14 11:05 - 00000000 ____D C:\Program Files (x86)\UCBrowser
2017-01-14 11:04 - 2017-01-14 11:06 - 00000000 ____D C:\Program Files (x86)\Maoha
2017-01-14 11:04 - 2017-01-14 11:04 - 00003596 _____ C:\Windows\System32\Tasks\Online Application v2 Guardian
2017-01-14 11:04 - 2017-01-14 11:04 - 00003590 _____ C:\Windows\System32\Tasks\Online Application Guard
2017-01-14 11:04 - 2017-01-14 11:04 - 00001106 _____ C:\Users\Havlos\Desktop\MaohaWiFi.lnk
2017-01-14 11:04 - 2017-01-14 11:04 - 00000000 __SHD C:\Users\Havlos\AppData\Local\svchost
2017-01-14 11:04 - 2017-01-14 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MaohaWiFi
2017-01-14 11:04 - 2017-01-14 11:04 - 00000000 ____D C:\Program Files (x86)\78282267-b575-4b96-a3e0-bbb6ffb3761f1484388253
2017-01-14 11:04 - 2017-01-14 11:04 - 00000000 _____ C:\TOSTACK
2017-01-14 11:04 - 2016-12-26 15:58 - 00965120 ___SH C:\ProgramData\igfxDH.dll
2017-01-14 11:03 - 2017-01-14 11:07 - 00000000 ____D C:\Program Files (x86)\Grekesy
2017-01-14 11:03 - 2017-01-14 11:05 - 00000000 ____D C:\Program Files (x86)\ContentPush
2017-01-14 11:03 - 2017-01-14 11:04 - 00000000 ____D C:\Users\Havlos\AppData\Local\Pracudomnifely
2017-01-14 11:03 - 2017-01-14 11:03 - 01620992 _____ C:\ProgramData\service.exe
2017-01-14 11:03 - 2017-01-14 11:03 - 00003596 _____ C:\Windows\System32\Tasks\Online Application v2
2017-01-14 11:03 - 2017-01-14 11:03 - 00003590 _____ C:\Windows\System32\Tasks\Online Application Guardian
2017-01-14 11:03 - 2017-01-14 11:03 - 00003590 _____ C:\Windows\System32\Tasks\Online Application
2017-01-14 11:03 - 2017-01-14 11:03 - 00001089 _____ C:\Users\Havlos\Desktop\AutoTime.lnk
2017-01-14 11:03 - 2017-01-14 11:03 - 00000000 __SHD C:\Windows\SysWOW64\%APPDATA%
2017-01-14 11:03 - 2017-01-14 11:03 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Grozogh
2017-01-14 11:03 - 2017-01-14 11:03 - 00000000 ____D C:\Users\Havlos\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
2017-01-14 11:03 - 2017-01-14 11:03 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-01-14 11:03 - 2017-01-14 11:03 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-01-14 11:02 - 2017-01-14 11:02 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Microleaves
2017-01-13 23:24 - 2017-01-13 23:27 - 395209166 _____ C:\Users\Havlos\Downloads\G4715_V02.rar
2017-01-13 14:42 - 2017-01-13 14:42 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Člověče, nezlob se
2017-01-13 14:42 - 2017-01-13 14:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Člověče, nezlob se
2017-01-13 14:42 - 2017-01-13 14:42 - 00000000 ____D C:\Program Files\Clovece
2017-01-13 14:41 - 2017-01-13 14:42 - 09453456 _____ C:\Users\Havlos\Downloads\clovece.exe
2017-01-13 13:15 - 2017-01-13 13:22 - 843739030 _____ C:\Users\Havlos\Downloads\Ucitelka.2016.DVDr.Cz-Sk.avi
2017-01-11 20:31 - 2016-10-12 09:09 - 00001983 _____ C:\Users\Havlos\Desktop\README.txt
2017-01-11 20:30 - 2017-01-11 20:30 - 00079725 _____ C:\Users\Havlos\Downloads\steam_api.zip
2017-01-11 20:29 - 2017-01-11 20:29 - 00649630 _____ C:\Users\Havlos\Downloads\api.zip
2017-01-11 20:16 - 2017-01-11 20:16 - 00000000 ____D C:\Users\Havlos\AppData\Local\ArmA 2 OA
2017-01-11 20:16 - 2017-01-11 20:16 - 00000000 ____D C:\Users\Havlos\AppData\Local\ArmA 2
2017-01-11 15:30 - 2017-01-11 15:41 - 922295388 _____ C:\Users\Havlos\Downloads\Ohnivý kuře (71) - Velký podvod.avi
2017-01-09 20:32 - 2017-01-09 20:39 - 00000000 ____D C:\Program Files (x86)\SpeedChecker
2017-01-09 20:30 - 2017-01-09 20:38 - 00000000 ____D C:\Program Files (x86)\WiFi Protector
2017-01-09 20:30 - 2014-12-11 21:53 - 00040664 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapwp01.sys
2017-01-09 20:29 - 2017-01-09 20:29 - 07744464 _____ (Optimal Software s.r.o ) C:\Users\Havlos\Downloads\wifiprotector_a8e5736d707d455296473e5819fed125_.exe
2017-01-09 11:33 - 2017-01-09 11:33 - 00095678 _____ C:\Users\Havlos\Desktop\0000002235957113_20161231_D_012_000_M_C.pdf
2017-01-08 21:13 - 2017-01-08 21:34 - 1900877814 _____ C:\Users\Havlos\Downloads\keupjo.avi
2017-01-08 13:59 - 2017-01-08 14:31 - 2147483651 _____ C:\Users\Havlos\Downloads\Transport.Fever-HI2U.part1.rar
2017-01-07 21:04 - 2017-01-07 21:17 - 916877748 _____ C:\Users\Havlos\Downloads\Cetnici.z.Luhacovic.1-2017-cz.avi
2017-01-06 22:41 - 2016-12-21 18:58 - 00000000 ____D C:\Users\Havlos\Desktop\BVR
2017-01-06 22:34 - 2017-01-06 22:37 - 365403051 _____ C:\Users\Havlos\Downloads\BVR.part2.rar
2017-01-06 21:42 - 2017-01-06 22:01 - 2097152000 _____ C:\Users\Havlos\Downloads\BVR.part1.rar
2017-01-05 22:47 - 2017-01-05 22:47 - 00001847 _____ C:\Users\Public\Desktop\Football Manager 2016 Resource Archiver.lnk
2017-01-05 22:47 - 2017-01-05 22:47 - 00001713 _____ C:\Users\Public\Desktop\Football Manager 2016 Editor.lnk
2017-01-05 22:47 - 2017-01-05 22:47 - 00001676 _____ C:\Users\Public\Desktop\Football Manager 2016.lnk
2017-01-05 22:39 - 2017-01-05 22:39 - 00000000 ____D C:\Program Files (x86)\Football Manager 2016
2017-01-05 22:37 - 2017-01-05 22:37 - 00000000 ____D C:\Users\Havlos\Desktop\fixed.G3073
2017-01-05 22:34 - 2017-01-05 22:35 - 780681076 _____ C:\Users\Havlos\Desktop\fixed.G3073.part2.rar
2017-01-05 22:30 - 2017-01-05 22:31 - 1047527424 _____ C:\Users\Havlos\Desktop\fixed.G3073.part1.rar
2017-01-05 22:22 - 2017-01-05 22:26 - 780681076 _____ C:\Users\Havlos\Downloads\G3073.part2.rar
2017-01-05 22:09 - 2017-01-05 22:21 - 1047527424 _____ C:\Users\Havlos\Downloads\G3073.part1.rar
2017-01-05 11:31 - 2017-01-05 11:31 - 01441449 _____ C:\Users\Havlos\Downloads\mgw_338.zip
2017-01-05 11:31 - 2016-12-18 16:23 - 00000000 ____D C:\Users\Havlos\Desktop\mgw_338
2017-01-04 22:15 - 2017-01-04 22:31 - 1904825026 _____ C:\Users\Havlos\Downloads\hrapenz.avi
2017-01-04 19:19 - 2017-01-04 19:27 - 789159936 _____ C:\Users\Havlos\Downloads\20150524_2.avi
2017-01-03 17:58 - 2017-01-03 17:58 - 00001879 _____ C:\Users\Public\Desktop\Dostihy 3000 Deluxe.lnk
2017-01-03 17:58 - 2017-01-03 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dostihy 3000 Deluxe
2017-01-03 17:58 - 2017-01-03 17:58 - 00000000 ____D C:\Program Files\Dostihy 3000 Deluxe
2017-01-03 17:57 - 2017-01-03 17:57 - 25764000 _____ C:\Users\Havlos\Downloads\Dostihy3000setup.exe
2017-01-02 22:02 - 2017-01-02 22:02 - 00364100 _____ C:\Users\Havlos\Downloads\Stronghold---3---čeština.rar
2017-01-02 14:23 - 2017-01-02 14:23 - 00000221 _____ C:\Users\Havlos\Desktop\Stronghold 3.url
2017-01-02 12:13 - 2017-01-02 12:13 - 01386240 _____ C:\Users\Havlos\Downloads\Football-Manager-2017-Key-Generator.zip
2017-01-01 14:22 - 2017-01-01 14:33 - 1256996790 _____ C:\Users\Havlos\Downloads\flfp.avi
2016-12-29 10:27 - 2016-12-29 10:28 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\SmartGenius
2016-12-29 10:18 - 2016-12-29 10:18 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ioFakDrv_01009.Wdf
2016-12-29 10:18 - 2016-12-29 10:18 - 00000000 ____D C:\Users\Havlos\AppData\Local\SmartGenius
2016-12-29 10:18 - 2016-12-29 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartGenius
2016-12-29 10:18 - 2016-11-26 08:36 - 01732696 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-12-29 10:18 - 2016-11-26 08:36 - 00035928 _____ (KYE System Corp.) C:\Windows\system32\Drivers\ioFakDrv.sys
2016-12-29 10:18 - 2016-11-26 08:36 - 00032472 _____ C:\Windows\system32\Drivers\gFilterMouUsb.sys
2016-12-29 10:18 - 2016-11-26 08:36 - 00026472 _____ C:\Windows\system32\Drivers\gKbdfltr.sys
2016-12-29 10:18 - 2016-11-26 08:36 - 00024664 _____ (KYE System Corp.) C:\Windows\system32\Drivers\ioFakMap.sys
2016-12-29 10:15 - 2016-12-29 10:16 - 70372779 _____ C:\Users\Havlos\Downloads\SmartGenius_Win.zip
2016-12-29 10:11 - 2017-01-14 11:30 - 00003344 _____ C:\Windows\System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-573710485-1513062138-4064015244-1000
2016-12-29 10:11 - 2017-01-14 11:30 - 00003212 _____ C:\Windows\System32\Tasks\RealUpgradeLogonTaskS-1-5-21-573710485-1513062138-4064015244-1000
2016-12-28 19:42 - 2016-12-28 19:42 - 00038400 _____ C:\Users\Havlos\Downloads\investice-Havlos-2016-12-28.xls
2016-12-27 22:36 - 2016-12-27 22:48 - 1523247104 _____ C:\Users\Havlos\Downloads\Zzne.avi
2016-12-27 18:58 - 2016-12-27 18:58 - 00001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Angry Birds.lnk
2016-12-27 18:58 - 2016-12-27 18:58 - 00001071 _____ C:\Users\Public\Desktop\Angry Birds.lnk
2016-12-27 18:58 - 2016-12-27 18:58 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Rovio
2016-12-27 18:57 - 2016-12-27 18:57 - 41044728 _____ (Rovio) C:\Users\Havlos\Downloads\angry-birds_1.0.exe
2016-12-27 18:57 - 2016-12-27 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio
2016-12-27 18:57 - 2016-12-27 18:57 - 00000000 ____D C:\Program Files (x86)\Rovio
2016-12-27 13:21 - 2016-12-27 13:38 - 970995242 _____ C:\Users\Havlos\Downloads\P_ítel pod strome_kem =2004-TV-CZ.avi
2016-12-21 21:05 - 2016-12-21 21:27 - 2369297260 _____ C:\Users\Havlos\Downloads\videa ze školy demo.m2t

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-01-14 15:37 - 2011-06-25 12:07 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\uTorrent
2017-01-14 15:35 - 2016-04-06 18:08 - 00002484 _____ C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-14 15:35 - 2011-07-28 23:32 - 00002394 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-14 15:35 - 2011-07-28 23:32 - 00002382 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-14 15:35 - 2011-06-16 18:34 - 00001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-01-14 15:35 - 2011-06-16 18:34 - 00001220 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-01-14 15:34 - 2016-04-16 13:42 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-14 15:24 - 2016-11-21 18:10 - 00000000 ____D C:\Users\Havlos\AppData\LocalLow\Mozilla
2017-01-14 15:20 - 2015-11-21 18:56 - 00003620 _____ C:\Windows\System32\Tasks\Ad-Aware Update (Weekly)
2017-01-14 15:20 - 2011-07-07 18:14 - 00002320 ____H C:\Windows\Tasks\{1A16C13C-1A98-4B61-8DAF-41D30E8E578F}.job
2017-01-14 15:20 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-14 11:06 - 2015-05-05 19:10 - 00000000 ____D C:\Program Files (x86)\MySQL
2017-01-14 11:06 - 2015-04-20 19:02 - 00000000 ____D C:\Program Files (x86)\Formix SE
2017-01-14 11:06 - 2014-05-10 09:01 - 00000000 ____D C:\ProgramData\AVG
2017-01-14 11:06 - 2012-01-08 10:47 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-01-14 10:53 - 2011-10-02 20:38 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Skype
2017-01-14 10:31 - 2016-10-21 15:40 - 00000000 ____D C:\ProgramData\BOINC
2017-01-14 10:31 - 2015-03-09 19:04 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Raptr
2017-01-14 10:31 - 2013-03-22 02:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-13 23:49 - 2011-10-14 17:57 - 00002058 ____H C:\Users\Havlos\Documents\Default.rdp
2017-01-13 21:14 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-01-13 20:30 - 2014-03-14 18:40 - 00000000 ____D C:\Users\Havlos\AppData\Local\Arma 3
2017-01-13 14:42 - 2014-06-10 16:22 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\Seznam.cz
2017-01-12 12:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-11 20:33 - 2015-04-27 19:18 - 00000000 ____D C:\Users\Havlos\AppData\Local\CrashDumps
2017-01-11 20:31 - 2014-03-14 18:21 - 00000000 ____D C:\Program Files (x86)\ArmA 3 Deluxe Edition [v 1.08 + 1 DLC] (2013) - Repack by Danik1B9
2017-01-10 22:34 - 2016-11-08 15:34 - 20358232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-01-10 22:34 - 2016-04-16 13:42 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-10 22:34 - 2016-04-16 13:42 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-10 22:34 - 2016-04-16 13:42 - 00003852 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-10 22:34 - 2011-12-27 15:09 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-10 22:34 - 2011-06-16 18:42 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-10 19:33 - 2016-04-16 13:54 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-10 19:32 - 2015-01-12 13:19 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-09 20:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-09 20:30 - 2013-04-09 11:32 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-08 15:39 - 2014-01-12 17:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UIG Entertainment
2017-01-06 23:12 - 2013-11-21 22:10 - 00000000 ____D C:\Users\Havlos\AppData\Roaming\vlc
2017-01-06 23:12 - 2011-06-22 19:42 - 00000000 ____D C:\Users\Havlos\.smplayer
2017-01-06 10:40 - 2015-01-27 16:12 - 00000000 ____D C:\Users\Public\Documents\Sports Interactive
2017-01-05 22:48 - 2015-01-27 16:12 - 00000000 ____D C:\Users\Havlos\Documents\Sports Interactive
2017-01-05 22:48 - 2011-06-25 09:03 - 00000000 ____D C:\Users\Havlos\AppData\Local\Sports Interactive
2017-01-05 22:48 - 2011-06-16 20:30 - 00000265 _____ C:\Users\Havlos\Documents\ax_files.xml
2017-01-05 21:14 - 2011-12-10 22:47 - 00000000 ____D C:\Hry
2017-01-05 20:19 - 2011-09-21 17:37 - 00132288 _____ C:\Users\Havlos\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-04 15:30 - 2016-07-26 07:28 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-01-04 15:30 - 2011-10-02 20:37 - 00000000 ____D C:\ProgramData\Skype
2017-01-02 15:04 - 2015-04-12 10:05 - 00000000 ____D C:\Users\Havlos\Documents\Soubory aplikace Outlook
2016-12-29 10:18 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\catroot2
2016-12-27 18:58 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-12-21 20:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Microsoft.NET
2016-12-21 19:55 - 2014-04-05 18:13 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-12-21 19:55 - 2011-10-17 16:27 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-21 19:52 - 2014-04-05 18:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-12-21 19:31 - 2012-04-25 19:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-17 10:16 - 2011-07-28 23:32 - 00003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 10:16 - 2011-07-28 23:32 - 00003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories =======

2013-06-27 08:22 - 2014-06-23 11:12 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2013-09-18 15:31 - 2013-09-18 15:31 - 0000000 _____ () C:\Users\Havlos\AppData\Roaming\.NANotifyHere
2016-01-01 11:11 - 2016-01-01 11:24 - 0001272 _____ () C:\Users\Havlos\AppData\Local\FSDownloader(1).nast
2016-01-20 16:40 - 2016-01-20 16:40 - 0000083 _____ () C:\Users\Havlos\AppData\Local\FSDownloader(2).err
2016-01-20 20:27 - 2016-01-20 20:27 - 0001048 _____ () C:\Users\Havlos\AppData\Local\FSDownloader(2).nast
2015-11-29 10:58 - 2015-12-25 10:34 - 0013519 _____ () C:\Users\Havlos\AppData\Local\FSDownloader.err
2015-11-23 20:27 - 2015-12-25 14:35 - 0005448 _____ () C:\Users\Havlos\AppData\Local\FSDownloader.nast
2014-05-21 17:16 - 2014-05-21 17:16 - 0001040 _____ () C:\Users\Havlos\AppData\Local\MRDownloader.nast
2011-10-14 17:24 - 2011-10-14 17:25 - 0000600 _____ () C:\Users\Havlos\AppData\Local\PUTTY.RND
2011-10-14 16:48 - 2011-10-27 22:31 - 0007605 _____ () C:\Users\Havlos\AppData\Local\resmon.resmoncfg
2012-09-20 19:16 - 2012-09-20 19:16 - 0384835 _____ () C:\Users\Havlos\AppData\Local\speeddial.crx
2011-09-21 18:55 - 2015-01-17 21:26 - 0271423 _____ () C:\Users\Havlos\AppData\Local\SRDownloader.err
2011-09-21 21:03 - 2014-02-13 05:33 - 0053279 _____ () C:\Users\Havlos\AppData\Local\SRDownloader.log
2011-09-21 17:34 - 2015-01-17 21:26 - 0001504 _____ () C:\Users\Havlos\AppData\Local\SRDownloader.nast
2017-01-14 11:04 - 2016-12-26 15:58 - 0965120 ___SH () C:\ProgramData\igfxDH.dll
2017-01-14 11:03 - 2017-01-14 11:03 - 1620992 _____ () C:\ProgramData\service.exe

Files to move or delete:
====================
C:\Users\Havlos\AppData\Local\Temp\00017139\msiql.exe
C:\ProgramData\igfxDH.dll
C:\ProgramData\service.exe
C:\Windows\Tasks\{1A16C13C-1A98-4B61-8DAF-41D30E8E578F}.job


Some files in TEMP:
====================
C:\Users\Havlos\AppData\Local\Temp\131215343790788000.exe
C:\Users\Havlos\AppData\Local\Temp\13121534381160919188.exe
C:\Users\Havlos\AppData\Local\Temp\jre-8u111-windows-au.exe
C:\Users\Havlos\AppData\Local\Temp\lowproc.exe
C:\Users\Havlos\AppData\Local\Temp\proxy_vole7717003519100785436.dll
C:\Users\Havlos\AppData\Local\Temp\proxy_vole8488723027812376554.dll
C:\Users\Havlos\AppData\Local\Temp\setup.dll
C:\Users\Havlos\AppData\Local\Temp\stubhelper.dll
C:\Users\Havlos\AppData\Local\Temp\vlc-2.2.4-win32.exe
C:\Users\Havlos\AppData\Local\Temp\_is8FA1.exe


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-11-05 10:43

==================== End of FRST.txt ============================

[Havlos]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2017
Ran by Havlos (14-01-2017 15:37:48)
Running from C:\Users\Havlos\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2011-06-16 23:03:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-573710485-1513062138-4064015244-500 - Administrator - Disabled)
Guest (S-1-5-21-573710485-1513062138-4064015244-501 - Limited - Disabled)
Havlos (S-1-5-21-573710485-1513062138-4064015244-1000 - Administrator - Enabled) => C:\Users\Havlos

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Lavasoft Ad-Watch Live! Anti-Virus (Enabled - Up to date) {9FF26384-70D4-CE6B-3ECB-E759A6A40116}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Lavasoft Ad-Watch Live! (Enabled - Up to date) {24938260-56EE-C1E5-047B-DC2BDD234BAB}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.08 - GIGABYTE)
010 Editor 3.1.1 (HKLM-x32\...\010 Editor v3_is1) (Version: - SweetScape Software)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AdmWin 2.32 (HKLM-x32\...\AdmWin_is1) (Version: - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Angry Birds (HKLM-x32\...\{07A6B206-3F11-4D92-92A1-90E116ADD660}) (Version: 2.0.2 - Rovio)
Aponia Wizard (remove only) (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Aponia GPS NavigationWizard) (Version: - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoGreen B10.0517.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.0517.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Browser Configuration Utility (HKLM-x32\...\{A2F991E7-DDCD-42B7-AFEC-47789A099FDC}) (Version: 1.1.18.0 - DeviceVM Inc.) <==== ATTENTION
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: - )
Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - Canon Inc.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - )
Cities in Motion 2 (c) Paradox Interactive version 1 (HKLM-x32\...\Q2l0aWVzIGluIE1vdGlvbiAyIChjKSBQYXJhZG94IEludGVyYWN0aXZl_is1) (Version: 1 - )
Company of Heroes 2 - Beta Stress Test (HKLM-x32\...\Steam App 231550) (Version: - )
Construction Simulator 2015 (HKLM-x32\...\Construction Simulator 2015_is1) (Version: - )
ContentPush (HKLM-x32\...\ContentPush) (Version: - ) <==== ATTENTION
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - CZ (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X5 (HKLM-x32\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
Cossacks 3 (HKLM-x32\...\Cossacks 3_is1) (Version: - )
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
CrystalDiskInfo 6.1.9 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.9 - Crystal Dew World)
CS Poker (HKLM-x32\...\CS Poker 0) (Version: - )
CSEP 14 1.1 (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\CSEP 14 1.1) (Version: - )
CuteFTP 8 Professional (HKLM-x32\...\{91F34319-08DE-457a-99C0-0BCDFAC145B9}) (Version: 8.3.2 - GlobalSCAPE)
Czechcrowncoin (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Czechcrowncoin) (Version: 0.8.7.2 - Czechcrowncoin project)
CZShare Manager (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\75c0e0ceac8ef0d4) (Version: 0.0.1.33 - CZShare)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Dostihy 3000 deluxe 1.1 (HKLM-x32\...\Dostihy 3000 deluxe) (Version: - )
Easy HTML5 Video (HKLM-x32\...\Easy HTML5 Video_is1) (Version: - )
Easy Tune 6 B10.0516.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B10.0516.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
EasySaver B9.1214.1 (HKLM-x32\...\{07300F01-89CA-4CF8-92BD-2A605EB83C95}) (Version: 1.00.0000 - Gigabyte)
EditEshop1.0.6.39 (HKLM-x32\...\{DB354A79-E108-45B2-AE03-147F4DBDFC82}_is1) (Version: - ing. Martin Pavlas)
Emergency 2014 (HKLM-x32\...\Emergency 2014) (Version: - Quadriga Games)
Emergency 5 (HKLM-x32\...\Emergency 5_is1) (Version: - )
Emergency Ambulance Simulator (HKLM-x32\...\Emergency Ambulance Simulator) (Version: - )
Euro Truck Simulator 2 - Going East! (HKLM-x32\...\Euro Truck Simulator 2 - Going East!_is1) (Version: - )
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
F1 2014 (HKLM-x32\...\RjEyMDE0_is1) (Version: 1 - )
Farm Expert 2017 verze 1.106 (HKLM-x32\...\{296685F2-4A02-45A9-A7CF-B7A089870668}_is1) (Version: 1.106 - )
Farming Simulator 15 - Holmer (HKLM-x32\...\Farming Simulator 15 - Holmer_is1) (Version: - )
Farming Simulator 2011 (HKLM-x32\...\FarmingSimulator2011_PLATINUMCZ_is1) (Version: 1.0 - GIANTS Software)
Farming Simulator 2013 (HKLM-x32\...\FarmingSimulator2013CZ_is1) (Version: 1.0 - GIANTS Software)
FastShare.cz verze 2.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.1 - )
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Football Manager 2013 (HKLM-x32\...\Steam App 207890) (Version: - Sports Interactive)
Football Manager 2016 verze 16.2.0 (HKLM-x32\...\{1B00BE8F-737B-4597-B8ED-DD82B66A9C83}_is1) (Version: 16.2.0 - )
Formix SE - formuláře kanceláře (HKLM-x32\...\Formix SE_is1) (Version: - Martin Roubec)
Game Alarm (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\gamealarm-DEFAULT) (Version: - )
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HDD Health v4.2 (HKLM-x32\...\HDD Health_is1) (Version: - )
Heavy Fire: Afghanistan (HKLM-x32\...\Heavy Fire: Afghanistan) (Version: 1.0.0 - Mastiff LLC.)
HighSky Trader 5 (HKLM\...\HighSky Trader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Hitman Absolution v1.0 (HKLM-x32\...\Hitman Absolution_is1) (Version: 1.0 - Eidos Interactive)
HOMEFRONT (HKLM-x32\...\{1A16C13C-1A98-4B61-8DAF-41D30E8E578F}) (Version: 1.4.0.0 - THQ)
Charity Engine (HKLM-x32\...\{7309D717-F38D-436D-9537-066AA0AC7639}) (Version: 7.0.80 - Charity Engine)
ICQ7.7 (HKLM-x32\...\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}) (Version: 7.7 - ICQ)
Idle Processor Utilization Services (HKLM-x32\...\{4C029DB4-39F1-4EAE-98EB-12B1F03CD56B}) (Version: 1.0.0.4 - Idle Processor Utilization Services)
Industry Manager: Future Technologies (HKLM\...\aW5kdXN0cnltYW5hZ2VyZnV0dXJldGVjaG5vbG9naWVz_is1) (Version: 1 - )
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.4.129.1 - Intel Security)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
JDownloader (HKLM-x32\...\JDownloader) (Version: 0.89 - AppWork UG (haftungsbeschränkt))
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader Packages (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\JDownloader Packages) (Version: - ) <==== ATTENTION
K-Lite Mega Codec Pack 12.0.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.0.5 - KLCP)
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
London 2012: The Official Video Game of the Olympic Games (HKLM-x32\...\London 2012: The Official Video Game of the Olympic Games_is1) (Version: - )
MediaInfo 0.7.63 (HKLM\...\MediaInfo) (Version: 0.7.63 - MediaArea.net)
MetaTrader 4 Client Terminal (HKLM-x32\...\MetaTrader 4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4 Client Profile CSY Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile CSY Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4885.1001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 50.1.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 cs)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySql Connector (HKLM-x32\...\{CA26F9B1-B924-44DD-AB79-A52007EEDD35}) (Version: 6.2.4 - My Sql)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden
Nero 12 (HKLM-x32\...\{95E152CF-0EB5-4BFA-B6EE-8FC7F9601BA5}) (Version: 12.0.02900 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.6.10500.3.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.4.10400.0.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10600.4.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10200.0.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.6.11300 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.10.10600.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.10.10300.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10400.2.100 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.4.10800.7.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.10.10400.3.100 - Nero AG)
NoLimits 2 Roller Coaster Simulation (HKLM\...\bm9saW1pdHMycm9sbGVyY29hc3RlcnNpbXVsYXRpb24_is1) (Version: 1 - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4885.1001 - Microsoft Corporation) Hidden
ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenTTD 1.5.3 (HKLM-x32\...\OpenTTD) (Version: 1.5.3 - OpenTTD)
Orcs Must Die! (HKLM-x32\...\Orcs Must Die!_is1) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.12.1.43352 - Electronic Arts, Inc.)
PackBarre (HKLM-x32\...\{6CD11532-5229-4D23-B747-455BD759E6B2}) (Version: 4.0.5 - BPMconcept)
PacSteamT (HKLM-x32\...\PacSteamT) (Version: 1.0.2.0 - PaCmAn_Packs)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
partypoker (HKLM-x32\...\PartyPoker) (Version: - PartyGaming)
PC Connectivity Solution (HKLM-x32\...\{34610DE0-3C13-42CA-8E32-01FFA38AB6E8}) (Version: 8.47.7.0 - Nokia)
Plus500 (HKLM-x32\...\Plus500) (Version: - )
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
ProFact 3.0 (HKLM-x32\...\ProFact 3.0_is1) (Version: - eXmind)
Professional Farmer 2014 (HKLM-x32\...\Professional Farmer 2014_is1) (Version: - )
Python 3.2.3 (64-bit) (HKLM\...\{789C9644-9F82-44d3-B4CA-AC31F46F5883}) (Version: 3.2.3150 - Python Software Foundation)
qksee (HKLM-x32\...\qksee) (Version: - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATTENTION
QTranslate 4.0.0 (HKLM-x32\...\QTranslate) (Version: 4.0.0 - QuestSoft)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RegTool2 (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\518496c506da956e) (Version: 2.9.0.236 - AppTools)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RonyaSoft Poster Designer (Poster Forge) 2.01 (HKLM-x32\...\RonyaSoft Poster Designer (Poster Forge)) (Version: 2.01 - RonyaSoft)
Roulette Bot Plus (HKLM-x32\...\RBPlus) (Version: 1.3.7.0 - www.roulettebotplus.com)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.1.1.11124_17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.4.0 - SAMSUNG Electronics Co., Ltd.)
SBK(tm) Generations (HKLM-x32\...\{3FDC48B2-98EC-4099-99C2-20F4FB9C9093}) (Version: 1.00.0000 - Milestone srl)
SBK(tm) Generations (x32 Version: 1.00.0000 - Milestone srl) Hidden
SCANIA Truck Driving Simulator 1.0.0 (HKLM-x32\...\SCANIA Truck Driving Simulator) (Version: 1.0.0 - SCS Software)
Sebastien Loeb Rally EVO (HKLM-x32\...\Sebastien Loeb Rally EVO_is1) (Version: - )
Seznam Software (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\SeznamInstall) (Version: - Seznam.cz)
Share Rapid Poker 1.8 (HKLM-x32\...\Share Rapid Poker_is1) (Version: - )
SimCity (HKLM-x32\...\SimCity_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.5 - PcWinTech.com)
Simt (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\5aa11655d7ba586e) (Version: 1.0.1.35 - Hewlett-Packard)
Ski Challenge 13 (CH) (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\sc13-CH_MAIN) (Version: - )
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.1.0.4 - KYE Systems Corp.)
SMPlayer 0.6.9 (HKLM-x32\...\SMPlayer) (Version: 0.6.9 - RVM)
Sniper Elite: Nazi Zombie Army (HKLM-x32\...\Sniper Elite: Nazi Zombie Army_is1) (Version: - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spintires (HKLM-x32\...\Spintires_is1) (Version: - )
Splinter Cell - Blacklist 1.01 (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}_is1) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
STORMWARE POHODA CZ Start (HKLM-x32\...\{3BE70A9F-0D16-4F74-A772-577E5A27A0DC}) (Version: 2012 - STORMWARE)
STORMWARE POHODA CZ Start (x32 Version: 2012 - STORMWARE) Hidden
StreamTransport version: 1.0.2.1931 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
Stronghold 3 (HKLM\...\Steam App 47400) (Version: - FireFly Studios)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Takedown: Red Sabre (HKLM-x32\...\VGFrZWRvd25SZWRTYWJyZQ==_is1) (Version: 1 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.41110 - TeamViewer)
The Settlers 7 - Paths to a Kingdom (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.02.1221 - Ubisoft)
The Settlers II - 10th Anniversary (HKLM-x32\...\S2TNG) (Version: - )
Thread Manager 3.1.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 3.1.0.0 - Digital Generation)
Tom Clancys Rainbow Six Siege (HKLM-x32\...\Tom Clancys Rainbow Six Siege_is1) (Version: - )
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.00.000 - Ubisoft)
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Tomb Raider verze 1.0.716.5 (HKLM-x32\...\Tomb Raider_is1) (Version: 1.0.716.5 - Square Enix)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 8.51 - Ghisler Software GmbH)
Train Simulator 2015 (HKLM-x32\...\Train Simulator 2015_is1) (Version: - )
Trainz Simulator 12 (HKLM-x32\...\Trainz Simulator 12_is1) (Version: - )
Traktor 3 (HKLM-x32\...\Traktor 3_is1) (Version: 1.0 - Game shop, s.r.o.)
Transport Giant (HKLM-x32\...\Transport Giant_is1) (Version: - )
TV Online (HKLM-x32\...\TV Online 1.9.5) (Version: 1.9.5 - TV Online)
TV Online (x32 Version: 1.9.5 - TV Online) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WD SmartWare (HKLM\...\{604CB4FC-3D32-405F-A109-165F170529B6}) (Version: 1.2.0.8 - Western Digital)
Web Companion (HKLM-x32\...\{0dd6d002-d20e-4ca5-8e72-07e7ece4cc45}) (Version: 2.3.1507.2892 - Lavasoft)
Websurf verze 1.0.0.2 (HKLM-x32\...\{95D6B2D2-C7E4-425A-BFCE-0D4EFC41DB10}_is1) (Version: 1.0.0.2 - Jursoft)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
William Hill CASINO CLUB (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\William Hill CASINO CLUB) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Woodcutter Simulator 2013 (HKLM-x32\...\Woodcutter Simulator 2013) (Version: - )
WRC Powerslide (HKLM-x32\...\WRC Powerslide_is1) (Version: - CODEX)
WRC3 verze 1.0 (HKLM-x32\...\{B4BF2667-112C-45EF-B8CB-1168E4EB5BA8}_is1) (Version: 1.0 - Milestone Srl)
ZDSimulator 4.9.6 (HKLM-x32\...\{007309CB-F9B6-40CF-9BBF-76F2FA41E092}_is1) (Version: 4.9.6 - Vyacheslav Usov)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.6 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\ChromeHTML: -> C:\Program Files (x86)\Monold\Monold\chrome.exe (Google Inc.) <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {007B5F58-0EAF-46CA-A8C4-78B7FDA05800} - System32\Tasks\{2543EEF8-9B45-425C-9C29-B56E20A8E298} => Regsvr32.exe
Task: {05E06478-D19F-40B4-B1B7-60DC987DCA45} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {0F42DBBD-2904-4E3E-8B5A-E808866A3350} - System32\Tasks\{B43F706E-B11D-49EA-B4A6-0D238311B855} => C:\Program Files (x86)\Rublik\driver-downloader.exe
Task: {151B001F-0B7F-4C0A-942F-A0493FB6F236} - System32\Tasks\Online Application v2 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe
Task: {15AAE7A9-0C28-42B0-8F9B-FE6F1CA336B8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {178E2EEA-E194-4A75-A829-18134E149723} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {189F43C5-106E-4329-AAAB-4E6C0063FCD4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {1EB618A9-F03C-421C-BDF7-76701933A338} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {36E07611-27C7-4E50-956A-16868724022C} - System32\Tasks\{758EC312-A883-4A3E-9DAC-1D1ACF7037E3} => H:\setup.exe [2016-10-27] ( )
Task: {38BCE13D-3477-451A-B160-760A9D287415} - System32\Tasks\{C3470B04-86EA-4C33-805B-66C304935307} => H:\Setup.exe [2016-10-27] ( )
Task: {3923CA62-8E35-421B-A79D-EBA487D8E79B} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2016-03-31] (McAfee, Inc.)
Task: {3A2114C0-2015-4F5C-8E02-1C089FC183C3} - System32\Tasks\{0018D933-9603-4DE4-A061-1195EC1D53B4} => pcalua.exe -a C:\Users\Havlos\Downloads\jre-6u26-windows-i586.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {3B508C21-C364-41E3-B4F9-0A9C2A30F60D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {3BC8508E-CA90-40EC-B9A5-73C523E75475} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {3F6071E4-CF58-4671-AEB0-A6B55AB228E8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2016-11-01] (Microsoft Corporation)
Task: {45D82EAB-96E5-416B-8751-0B77157C5B43} - System32\Tasks\Program k provádění aktualizací online Real Player => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-09-20] (RealNetworks, Inc.)
Task: {475BABA0-3187-404E-A891-9595B2AC7371} - System32\Tasks\Online Application v2 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe
Task: {4AC2D2B9-36F8-47CB-B996-99D40EA52D36} - System32\Tasks\{6F506637-9820-4563-9F85-4BE1C3769C75} => H:\setup.exe [2016-10-27] ( )
Task: {4C342351-CDB3-460D-9B79-6FD1BD6655BF} - System32\Tasks\MonoldBrowserUpdateUA => C:\Program Files (x86)\Monold\Monold\bin\Monold_server.exe <==== ATTENTION
Task: {4CB2811F-E90B-4EF2-9AD0-7F43FBCED576} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe
Task: {4D3C2157-FCD2-487B-A5D1-F6DC4BFA9602} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {61FD285F-EF02-4FAE-A621-24A1B3ED8449} - System32\Tasks\{2EA574BF-D2A2-4449-B792-4D511C3ADF31} => H:\Setup.exe [2016-10-27] ( )
Task: {65D5F21B-9A0E-4B95-993A-A98FE8091A2A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-573710485-1513062138-4064015244-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {679C83E4-D497-4D7F-9739-2FF730ECDD04} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {6880B5D7-60D9-4FED-93CF-0559D10B558C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {76A5E0D5-7FBB-4104-BF01-F8F5CAECFD1A} - System32\Tasks\{BE26CE2F-CF0A-498E-B66E-890E5E9E89AD} => pcalua.exe -a "C:\Users\Havlos\Desktop\Stahnute s netu\Microsoft_Windows_XP_Corporate_Edition_SP3.exe" -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {7C92391F-7B4C-4B81-9E56-653CB1346489} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-03-22] ()
Task: {7DB55C6A-B07B-4F9B-BD02-32CE9DAF1EA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {820AFC15-C671-4D33-BA21-75DDC4501396} - System32\Tasks\{9F9B7C32-86BE-4E7E-B803-C52FB7F8C586} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... rror=12029
Task: {87836370-6170-403F-AF83-21207F48DE15} - System32\Tasks\Online Application Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe
Task: {8BB4A1C7-F6FA-4F21-A208-B27D722B54AD} - System32\Tasks\SpyHunter4Startup => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
Task: {A5605D9D-7B83-41DF-8B7B-94BDCB32286D} - System32\Tasks\Online Application Updater => C:\Program Files (x86)\Microleaves\Online.io Application\Online Application Updater.exe
Task: {A88A3293-08DA-4DFC-AEFD-B3C80683C83B} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2011-09-01] (Lavasoft Limited )
Task: {AC4D2F17-CD1A-4E36-BDBC-002048257772} - System32\Tasks\Program k provádění aktualizací online Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {ACF30F62-0BF9-41A9-82FC-74318B2E9F32} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-573710485-1513062138-4064015244-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)
Task: {AE35653D-5ABE-41A2-891E-ED7455C2447D} - System32\Tasks\{5492B7AC-9204-4115-824A-5FFB8EFD6EFB} => pcalua.exe -a G:\BunchOfHeroes_CZ_master\Setup.exe -d G:\BunchOfHeroes_CZ_master
Task: {B2CBC1E0-6E4B-4EF1-AB93-27F872D7AD38} - System32\Tasks\{31AA193E-DEF9-41AB-B502-C31FF25886E8} => H:\setup.exe [2016-10-27] ( )
Task: {B55F61C1-58F0-4972-91DE-4F135C003F61} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-11-01] (Microsoft Corporation)
Task: {BB40B3D7-0511-4531-8990-97B7319107ED} - System32\Tasks\{EC8B5D4E-DA39-4ED6-B7BE-2A8CAE1997B6} => pcalua.exe -a H:\setup.exe -d H:\
Task: {C084495C-82F2-42AD-9123-0FC17CAF15E6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {C2E2AC4B-304E-4CE5-8B38-43292D0B73A6} - System32\Tasks\MonoldBrowserUpdateCore => C:\Program Files (x86)\Monold\Monold\bin\Monold_server.exe <==== ATTENTION
Task: {C3064D82-8431-4B34-B587-DA0D0D70E86A} - System32\Tasks\{0921CFAE-AE8D-4776-86A8-A6150E60DECF} => H:\setup.exe [2016-10-27] ( )
Task: {D53C3327-7468-45EC-8113-307C6A8B00BD} - System32\Tasks\{9416922C-B18C-4C49-AD7E-AE86ABF265F0} => H:\setup.exe [2016-10-27] ( )
Task: {D5ED900A-918A-4439-8EED-BA2D880DCBB9} - System32\Tasks\Online Application => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe
Task: {D9C67F19-361A-4636-8B4D-D05AEFE9DFA4} - System32\Tasks\MonoldCheckTask => C:\Program Files (x86)\Monold\Monold\bin\Monold_server.exe <==== ATTENTION
Task: {DEE08A11-068C-4BA9-9594-ED085EAAFA26} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DF20676E-61A3-4CB0-97BA-E83BA5AFFFE2} - System32\Tasks\{1A16C13C-1A98-4B61-8DAF-41D30E8E578F} => H:\Setup.exe [2016-10-27] ( )
Task: {E67291B0-2C16-4946-9C89-50DEBC5A1350} - System32\Tasks\{4E6F13FA-B752-4F4A-887F-F33D61EC93BC} => Firefox.exe
Task: {E8C66E8D-7DFC-45F0-9BBB-47FB1EC3DD42} - System32\Tasks\{F1D34AB0-2966-4FB5-A9CC-9C86CA7C4D36} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lig ... rror=12029
Task: {EC814AEB-B462-4E4D-8629-8F417DAFB1D0} - System32\Tasks\Online Application Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian.exe
Task: {ED84814F-36F8-4C06-AAD5-2E2035ABFF97} - System32\Tasks\{7E0DF409-635D-4B0E-BC67-26400946790E} => Firefox.exe
Task: {EF8BAF42-DEFE-4DD8-9DD1-EDB92FB613BB} - System32\Tasks\{C39AEA5B-60CF-4D81-8F67-1E7B4194B6B5} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/73010
Task: {EFEE31F1-CD79-4A55-938B-18AD18353EBC} - System32\Tasks\{4FC64BC7-05DE-4B4F-B391-33BC1C140667} => pcalua.exe -a C:\Users\Havlos\Desktop\xxx\pst-211009-v1020.exe -d C:\Users\Havlos\Desktop\xxx
Task: {F96E2F57-45F9-4529-9644-B8FC336D665E} - System32\Tasks\{D5F93757-1662-4169-8C40-0D0DB2D554ED} => Regsvr32.exe
Task: {FB6D0078-ABDD-4CF1-80E6-383410EDEE2E} - System32\Tasks\Online Application v2 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.exe
Task: {FD48185D-EEA5-46D5-9784-9D7F06660FAA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {FDEE3067-2593-4147-8905-5A933F053A22} - System32\Tasks\{560477C4-363D-4554-9868-6EB20FC6877A} => pcalua.exe -a C:\Users\Havlos\Downloads\hdtune_255.exe -d C:\Users\Havlos\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\{1A16C13C-1A98-4B61-8DAF-41D30E8E578F}.job => H:\Setup.exe Э/i H:\data.msi

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ATTENTION

Shortcut: C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simple Port Forwarding\SPF - Basic UI Mode.lnk -> C:\Program Files (x86)\Simple Port Forwarding\basic_ui.bat ()
Shortcut: C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader\JDownloader Support.lnk -> hxxp://jdownloader.org/knowledge/inde

ShortcutWithArgument: C:\Users\Havlos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Havlos\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Havlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Monold\Monold\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Havlos\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Havlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Havlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/gbsp/mb/?p=w"
ShortcutWithArgument: C:\Users\Havlos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Monold\Monold\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Havlos\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Havlos\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --load-extension="C:\Users\Havlos\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://qtipr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://qtipr.com/

==================== Loaded Modules (Whitelisted) ==============

2014-11-20 21:23 - 2014-11-20 21:23 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2014-04-05 18:08 - 2016-05-24 08:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2011-06-17 00:07 - 2009-08-24 13:38 - 00068136 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
2012-12-24 14:25 - 2012-06-07 09:17 - 00072640 _____ () C:\Program Files (x86)\HDD Health\HDDHealthService.exe
2016-04-16 15:52 - 2016-12-21 19:46 - 00025232 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2016-04-16 15:52 - 2016-12-21 19:46 - 00017040 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2016-04-16 15:52 - 2016-12-21 19:46 - 00037016 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2017-01-14 11:04 - 2016-12-26 15:58 - 00965120 ___SH () C:\ProgramData\igfxDH.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-01-14 11:03 - 2017-01-14 11:03 - 00148480 _____ () C:\Users\Havlos\AppData\Roaming\Grozogh\Kgitraceent.dll
2016-09-24 14:29 - 2016-09-24 14:29 - 00402624 _____ () C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\AppVIsvStream64.dll
2011-04-26 01:00 - 2011-06-28 12:19 - 00589184 _____ () C:\Program Files (x86)\Lavasoft\Ad-Aware\RPAPI.dll
2011-04-26 01:00 - 2011-06-28 12:19 - 00430568 _____ () C:\Program Files (x86)\Lavasoft\Ad-Aware\viprebridge.dll
2011-04-26 01:00 - 2011-06-16 16:32 - 00308560 _____ () C:\Program Files (x86)\Lavasoft\Ad-Aware\Vipre.dll
2015-01-15 13:33 - 2014-12-19 05:01 - 00192376 _____ () C:\ProgramData\Lavasoft\Ad-Aware\Defs\Extended\libBase64.dll
2015-01-15 13:33 - 2014-12-19 05:01 - 00180088 _____ () C:\ProgramData\Lavasoft\Ad-Aware\Defs\Extended\libMachoUniv.dll
2011-07-06 17:34 - 2011-07-03 17:28 - 00508776 _____ () C:\ProgramData\Lavasoft\Ad-Aware\Defs\thorax.aaw
2011-06-17 00:07 - 2009-03-13 10:30 - 00109096 _____ () C:\Program Files (x86)\Gigabyte\EasySaver\YCC.DLL
2016-07-29 09:12 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-07-29 09:12 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-07-29 09:12 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-07-29 09:12 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-07-29 09:12 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-573710485-1513062138-4064015244-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2016-07-26 10:54 - 00000948 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 validation.sls.microsoft.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-573710485-1513062138-4064015244-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.12.0.1 - 10.6.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: RublikAutostartSetting => "C:\Program Files (x86)\Rublik\rublik.exe"
MSCONFIG\startupreg: ThreadManager.exe => C:\Program Files (x86)\Thread Manager\ThreadManager.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{C7429E22-B03B-4053-B16F-240C8B27B332}G:\fifa 12\game\fifa.exe] => G:\fifa 12\game\fifa.exe
FirewallRules: [UDP Query User{549DB61C-6623-4154-A063-1ACF69EF220B}G:\fifa 12\game\fifa.exe] => G:\fifa 12\game\fifa.exe
FirewallRules: [TCP Query User{C4AA6689-4584-4D48-810F-7EBF7CB75C68}C:\program files (x86)\icq7.7\icq.exe] => C:\program files (x86)\icq7.7\icq.exe
FirewallRules: [UDP Query User{C5E94E79-A84F-47DE-B070-B40FEE9A130A}C:\program files (x86)\icq7.7\icq.exe] => C:\program files (x86)\icq7.7\icq.exe
FirewallRules: [TCP Query User{6CABED24-8315-4CF4-819A-7985EADA1854}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EF544534-E54F-4EEA-9626-F90392C83115}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{25CF52A0-B81F-4D79-9BBD-DE849E75DEBF}C:\program files (x86)\london 2012 the official video game of the olympic games\london2012.exe] => C:\program files (x86)\london 2012 the official video game of the olympic games\london2012.exe
FirewallRules: [UDP Query User{E755EE62-D4B6-41E2-8900-26413868EE5A}C:\program files (x86)\london 2012 the official video game of the olympic games\london2012.exe] => C:\program files (x86)\london 2012 the official video game of the olympic games\london2012.exe
FirewallRules: [{93D24546-11E9-4351-A7E0-90E45BD8013E}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3F0FF02C-B860-4DFC-A694-59306A7D5F48}C:\program files (x86)\real\realplayer\realplay.exe] => C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{021EB627-463D-4C7F-9DAF-24B6E0489B1D}C:\program files (x86)\real\realplayer\realplay.exe] => C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{6027B508-7929-43F7-9ED3-305D21E01977}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [UDP Query User{7DCBC8AB-6E4A-4249-A616-99E04E76CC21}C:\program files (x86)\java\jre6\bin\javaw.exe] => C:\program files (x86)\java\jre6\bin\javaw.exe
FirewallRules: [{E7CFD3F3-F5DC-404B-8D50-7D86649344C9}] => C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{06B46A37-A6B6-4718-9D71-D9936D75853A}] => C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{612ACF56-92A6-4FFF-9233-9217A91DC66F}] => C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{6AF3E816-515F-4CDB-A5A8-7AD1BCB287BD}] => C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{313CFCE8-D89F-4FB3-B365-F656C2D19EB6}] => C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{C90A611F-4401-4FDA-9E04-FFDC1D77E0A9}] => C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{AB54612D-0F0E-45F8-BB62-B1E7C73395E3}F:\driver san francisco\driver.exe] => F:\driver san francisco\driver.exe
FirewallRules: [UDP Query User{C31118A0-9861-44B9-87DE-A0ACF31B0641}F:\driver san francisco\driver.exe] => F:\driver san francisco\driver.exe
FirewallRules: [{EA3699D9-A6AA-4C7C-9770-99979C32653A}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{166C8CBA-DBB3-4BC1-9BB4-5C5140EF34FD}] => C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{931A4633-D0E8-4BD8-9F6C-E515782A87B1}] => C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{EC3A8247-BDE4-4B8F-AEC0-30622881D964}] => C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{8761E33D-989F-4FA9-93CD-5978A7629252}C:\program files (x86)\medal of honor warfighter\mohw.exe] => C:\program files (x86)\medal of honor warfighter\mohw.exe
FirewallRules: [UDP Query User{899CF7B8-1EE4-46C3-B4EC-1AFE837376D9}C:\program files (x86)\medal of honor warfighter\mohw.exe] => C:\program files (x86)\medal of honor warfighter\mohw.exe
FirewallRules: [{A8810BCC-1014-40B2-A9BE-35D64DB19216}] => C:\Program Files (x86)\Woodcutter Simulator 2013\iupdate.dll
FirewallRules: [{FF152940-6086-4321-96F7-202C91C6746F}] => C:\Program Files (x86)\Woodcutter Simulator 2013\iupdate.dll
FirewallRules: [{4DF84894-4765-46C7-8A0F-08C91CC64E65}] => C:\Program Files (x86)\Woodcutter Simulator 2013\woodcutter2013.dll
FirewallRules: [{9343EAEF-2A10-4C29-AFBA-D2E7EB2BAA42}] => C:\Program Files (x86)\Woodcutter Simulator 2013\woodcutter2013.dll
FirewallRules: [TCP Query User{AF6FD7CD-6413-463D-A3E7-062E3FE35186}C:\users\havlos\desktop\programy\utorrent.exe] => C:\users\havlos\desktop\programy\utorrent.exe
FirewallRules: [UDP Query User{329F016F-82DF-482A-910E-403008088776}C:\users\havlos\desktop\programy\utorrent.exe] => C:\users\havlos\desktop\programy\utorrent.exe
FirewallRules: [{AE474C4B-3010-464F-B6A4-B0E01B016022}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{57E74D1C-0450-461D-96E0-CD9B353B812F}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EA1AE189-37F2-4E4A-9C61-FB7371C02F3A}] => C:\Program Files (x86)\Steam\SteamApps\common\Cities In Motion\Cities In Motion.exe
FirewallRules: [{4F027984-5012-4665-ABCF-CABBD84C78E2}] => C:\Program Files (x86)\Steam\SteamApps\common\Cities In Motion\Cities In Motion.exe
FirewallRules: [{47BC4884-D615-4B10-9282-B6B57B5DF807}] => C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2013\fm.exe
FirewallRules: [{D82AE9F5-DBE5-4899-866A-983CB564BF1E}] => C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2013\fm.exe
FirewallRules: [TCP Query User{A240A4DD-9592-446D-BE30-24BB5D599CDA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{D9022A98-D54F-4B59-962D-5E002F8F70E4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{556FDE11-E8CE-4E06-8B1F-719767429592}] => C:\Program Files\HighSky Trader 5\metatester64.exe
FirewallRules: [TCP Query User{82A46CE1-F01A-4846-97A6-E3EA358F0492}C:\hry\splinter cell - blacklist\src\system\blacklist_dx11_game.exe] => C:\hry\splinter cell - blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [UDP Query User{725F6547-1CF5-4A4C-A788-1D6AC70FB34D}C:\hry\splinter cell - blacklist\src\system\blacklist_dx11_game.exe] => C:\hry\splinter cell - blacklist\src\system\blacklist_dx11_game.exe
FirewallRules: [TCP Query User{856E030A-A7EA-48B1-A966-83B887D4E070}C:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => C:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [UDP Query User{EBC3354F-0A1A-48F2-88AB-BE97374E5EE2}C:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe] => C:\program files (x86)\takedown red sabre\binaries\win32\takedowngame.exe
FirewallRules: [{472BA206-6943-4884-B263-D8E2A3F266A2}] => C:\Users\Havlos\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{5F0D7BF0-2943-4D28-B79F-B0B7415951BD}] => C:\Users\Havlos\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{E7A58B52-FCFA-4635-9D82-27948567A298}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [UDP Query User{2622A9F4-7183-4529-A4A5-B2CFB31EC8ED}C:\program files (x86)\bitcoin\bitcoin-qt.exe] => C:\program files (x86)\bitcoin\bitcoin-qt.exe
FirewallRules: [{B05C50A0-A03D-4171-8721-E7B82EC5C49D}] => C:\Program Files (x86)\TV Online\TV Online\TV Online.exe
FirewallRules: [TCP Query User{A70C2FAD-D8AE-4556-B6FC-3C008ADE2FAD}D:\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe] => D:\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe
FirewallRules: [UDP Query User{C8F588DE-B7C0-4DD9-BD90-A21426882378}D:\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe] => D:\fifa 14 cz v1.4.0.0 - reapck by danik1b9\fifa14.exe
FirewallRules: [{C33DB05C-F9B6-4008-9F50-D6EE9445B935}] => C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{C03AA5CF-4AD2-4D95-AB8A-DC0B4CE35AF8}] => C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{8881B374-FBCF-44B7-BB9B-1032772C8541}] => C:\Program Files (x86)\R.G. Mechanics\SimCity\SimCity\SimCity.exe
FirewallRules: [{553DBEDA-04D7-42F0-B931-5268D3B2D472}] => C:\Program Files (x86)\Farming Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{42BFF3F3-78EE-44E6-B4A8-53A43AF0477E}] => C:\Program Files (x86)\Farming Simulator 2011\FarmingSimulator2011.exe
FirewallRules: [{75502A9D-9A77-437E-9661-EB50B8E5EDA0}] => C:\Program Files (x86)\Farming Simulator 2011\game.exe
FirewallRules: [{0975E506-02B4-4A8C-9E64-82F3FC03D790}] => C:\Program Files (x86)\Farming Simulator 2011\game.exe
FirewallRules: [{A2915FD3-529E-467D-A646-DE5196B9AFAB}] => C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{007D6CB2-7B22-4C6F-99BC-F03030509138}] => C:\Program Files (x86)\Simple Port Forwarding\spf.exe
FirewallRules: [{3D6665EB-88AC-40E2-8780-00604D9C87E7}] => LPort=10823
FirewallRules: [TCP Query User{905EC77D-12D3-49D2-BE08-DBF99EEBBF84}C:\program files (x86)\czechcrowncoin\czechcrowncoin-qt.exe] => C:\program files (x86)\czechcrowncoin\czechcrowncoin-qt.exe
FirewallRules: [UDP Query User{3FE737E3-3BE0-47B8-9CFB-DC884F9CB0D0}C:\program files (x86)\czechcrowncoin\czechcrowncoin-qt.exe] => C:\program files (x86)\czechcrowncoin\czechcrowncoin-qt.exe
FirewallRules: [{44E24C40-4EA0-4E8C-BE3A-B77DF4AA84CD}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{33A43B5A-1D90-49E6-9E32-D3318D3A1656}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB69F9E2-DF38-4061-9C5E-AB1D6DAE7283}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E5DE0EF4-81DD-46AF-A6EE-A236007799C1}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{19E15288-BB34-437F-BD1C-566A495973C2}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E99A4043-08EB-454C-B943-B29876340765}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{D3B8B136-EFE7-4C39-A9C3-294869E6EDB8}] => C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [{9F2D9994-7795-4B47-AE49-967D7A70179E}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{12168793-5CFB-4BD9-87B6-FDE9C9785624}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{A772C9EA-12E8-49CA-B8C8-7B3A1A60753A}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{6BE7FB54-33E9-4C27-B076-397A9597A3F3}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{A461CACE-4CA6-4E27-8F33-11887A52D50C}E:\wrc powerslide\wrcpowerslide.exe] => E:\wrc powerslide\wrcpowerslide.exe
FirewallRules: [UDP Query User{A693AF91-8C38-464A-A372-5556ABAF1A6A}E:\wrc powerslide\wrcpowerslide.exe] => E:\wrc powerslide\wrcpowerslide.exe
FirewallRules: [{A4E4CC1D-F0F6-409B-8675-4A187BC0DF55}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D652690E-F23D-4F26-8CCF-0498BAB2DAB6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{50464965-0A17-4851-B5A1-792E93B0283A}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{CFD178ED-B0D4-4D5C-A4D3-641CDD34D8CA}] => C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F3B0123E-1E21-4CEE-A801-FB3874B64E63}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A83CB184-F8B7-4975-AE73-65A8EA340511}] => C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{2818A447-E03D-4637-9866-819DD41ECCB6}D:\grand theft auto v\gta5.exe] => D:\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{26BE7570-15E5-407A-91E3-8003A9505CAA}D:\grand theft auto v\gta5.exe] => D:\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{43B9C179-1FFE-4E7C-A458-291788737BC4}D:\tom clancys rainbow six siege\rainbowsix.exe] => D:\tom clancys rainbow six siege\rainbowsix.exe
FirewallRules: [UDP Query User{527D1871-BAFD-431B-BE02-4880C7C93F71}D:\tom clancys rainbow six siege\rainbowsix.exe] => D:\tom clancys rainbow six siege\rainbowsix.exe
FirewallRules: [{FFCDA91B-C7AF-459B-BE92-299C4340B1DE}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{1870E280-A78B-4F04-A66E-98EB218CFD6D}] => C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4EDB7827-79B1-4C52-BA5A-BFBC5B8E0792}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{16BD43BC-3142-46DE-B6E0-B85A6BE6958E}] => C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{3B4F072C-C37D-4953-8A70-897D5E278869}C:\program files (x86)\sebastien loeb rally evo\slrx64.exe] => C:\program files (x86)\sebastien loeb rally evo\slrx64.exe
FirewallRules: [UDP Query User{BFA7AECD-8571-4235-9F83-3407753A26D7}C:\program files (x86)\sebastien loeb rally evo\slrx64.exe] => C:\program files (x86)\sebastien loeb rally evo\slrx64.exe
FirewallRules: [{43C7E0CE-4636-4602-8BA2-0DFD3E9E6D7B}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{A9FFE550-146D-4A96-BCC3-28D8CA9DCD16}] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [TCP Query User{0AC92DC1-66CD-4F87-BBEC-49E3CBD71FE2}D:\settlers 7\data\base\_dbg\bin\release\settlers7r.exe] => D:\settlers 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [UDP Query User{CAFCF066-3359-4BAC-A85A-E0B6F74698DA}D:\settlers 7\data\base\_dbg\bin\release\settlers7r.exe] => D:\settlers 7\data\base\_dbg\bin\release\settlers7r.exe
FirewallRules: [{A1F0EFB9-6B62-4D88-B2AC-6BD8F3A94B6D}] => C:\Program Files (x86)\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{5F5AC133-DCA5-435E-AD8C-F87BEE1D9A6E}] => C:\Program Files (x86)\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{B31672AB-4797-44B4-A389-4B44DBE41D00}] => C:\Program Files (x86)\Origin Games\FIFA 12\Game\fifa.exe
FirewallRules: [{2017B65C-1457-4985-9810-40210325B433}] => C:\Program Files (x86)\Origin Games\FIFA 12\Game\fifa.exe
FirewallRules: [{DDA336B4-EEA4-4B2B-82C4-CC736EA09ACC}] => C:\Program Files (x86)\Monold\Monold\chrome.exe
FirewallRules: [{22AA4988-F8FC-45B3-9E2F-AF2175E0D168}] => C:\Program Files (x86)\Monold\Monold\bin\Monold_server.exe
FirewallRules: [{B268ED64-0FFA-4B6F-B140-56F70EB6ADF6}] => C:\ProgramData\Monold\protect\protect.exe
FirewallRules: [{638813F0-18F8-43ED-BA9E-AFD7642D6CB0}] => C:\Users\Havlos\Downloads\ReimageRepair.exe
FirewallRules: [{C15C11FE-44C3-4757-A073-B829F4B442E4}] => C:\Users\Havlos\Downloads\ReimageRepair.exe
FirewallRules: [{5454C0B6-1121-4C0A-867B-497E52BF6AAA}] => C:\Users\Havlos\Downloads\ReimageRepair.exe
FirewallRules: [{A1DE7CBF-3665-4D50-92C9-8C96A093C64B}] => C:\Users\Havlos\Downloads\ReimageRepair.exe
FirewallRules: [{8672A1BC-D22A-429B-A174-5CF652E4FD1C}] => C:\Users\Havlos\AppData\Local\Temp\7zS9A39.tmp\SymNRT.exe
FirewallRules: [{CCE7AB06-FD84-4B05-9837-7466CE847058}] => C:\Users\Havlos\AppData\Local\Temp\7zS9A39.tmp\SymNRT.exe
FirewallRules: [{8DDFB44F-3504-468B-B113-71E1D9D35811}] => C:\Users\Havlos\AppData\Local\Temp\7zS35AF.tmp\SymNRT.exe
FirewallRules: [{CE3DBE63-C382-433F-921C-9CFC7F60C585}] => C:\Users\Havlos\AppData\Local\Temp\7zS35AF.tmp\SymNRT.exe
FirewallRules: [{9C446F2B-831E-4EB4-9D6E-7BFE5C432400}] => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
FirewallRules: [{45669A83-C951-4288-9734-27D74C070ECA}] => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
FirewallRules: [{156B45E1-C0CC-4FF6-8495-156D211D4A5F}] => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
FirewallRules: [{D1B5F005-EA50-4BCA-9371-A968C2C90E55}] => C:\Program Files (x86)\Enigma Software Group\SpyHunter\SpyHunter\SpyHunter4.exe
FirewallRules: [{30E46ABC-C519-473F-A456-F4D527EEED00}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{301B242A-132E-468A-9EB2-1F4CDF724C6C}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{95985278-6082-4434-B29B-AB0B8A068474}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A547BD39-EE0A-4144-A26C-74C0F69DF6BE}] => C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7B277968-2928-4FB3-9D6F-2F8272C365D0}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/14/2017 03:20:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 03:09:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 01:34:48 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 01:19:49 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 12:28:33 PM) (Source: TrueKey) (EventID: 0) (User: )
Description: Zpracování změny relace se nezdařilo. System.ArgumentNullException: Hodnota nemůže být NULL.
v System.Threading.Monitor.Enter(Object obj)
v McAfee.YAP.Service.Common.UsersManager.GetWindowsUsers(Boolean async)
v McAfee.YAP.Service.Service.OnSessionChange(SessionChangeDescription changeDescription)
v System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, IntPtr eventData)

Error: (01/14/2017 12:27:09 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 12:02:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 11:51:18 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 11:37:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/14/2017 11:31:17 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\MFC80U.DLL se nezdařilo.
Závislé sestavení Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (01/14/2017 03:23:16 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Neočekávaná chyba. Kód chyby: 490@01010004

Error: (01/14/2017 03:23:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Biometric and Context Agent Service přestala během spouštění reagovat.

Error: (01/14/2017 03:20:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/14/2017 03:12:06 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Biometric and Context Agent Service přestala během spouštění reagovat.

Error: (01/14/2017 03:09:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (01/14/2017 03:07:15 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
Nepodařilo se zahájit závislou službu nebo skupinu.

Error: (01/14/2017 03:07:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1068 = Nepodařilo se zahájit závislou službu nebo skupinu. při pokusu o spuštění služby fdPHost s argumenty za účelem spuštění serveru:
{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (01/14/2017 03:07:16 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1068 = Nepodařilo se zahájit závislou službu nebo skupinu. při pokusu o spuštění služby fdPHost s argumenty za účelem spuštění serveru:
{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (01/14/2017 03:07:15 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: Služba DCOM zjistila chybu %%1068 = Nepodařilo se zahájit závislou službu nebo skupinu. při pokusu o spuštění služby netprofm s argumenty za účelem spuštění serveru:
{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (01/14/2017 02:45:05 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
AFD
AppleCharger
cdrom
CSC
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
Wanarpv6
WfpLwf
ws2ifsl


CodeIntegrity:
===================================
Date: 2016-11-05 19:33:44.032
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 19:26:21.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 18:39:34.585
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-05 17:01:38.007
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-02 16:51:38.796
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-02 12:35:00.511
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-02 10:25:43.332
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-11-01 20:25:53.836
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-28 16:39:48.714
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-10-25 16:41:10.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Phenom(tm) II X6 1090T Processor
Percentage of memory in use: 31%
Total physical RAM: 8189.55 MB
Available physical RAM: 5624.83 MB
Total Virtual: 16377.29 MB
Available Virtual: 13613.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:335.35 GB) NTFS
Drive d: () (Fixed) (Total:419.92 GB) (Free:173.98 GB) NTFS
Drive e: () (Fixed) (Total:488.28 GB) (Free:129.4 GB) NTFS
Drive f: () (Fixed) (Total:489.05 GB) (Free:106.68 GB) NTFS
Drive h: (Emergency 2017) (CDROM) (Total:8.18 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A13A0436)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: B2B9B2B9)
Partition 1: (Active) - (Size=419.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=977.3 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

[Havlos]

Vyřešeno podařilo se to odstranit HitmanPro.KickStart

[altrok]

OK, pocitac mate podle logu velice zavirovany... Je tento operacni system legalni?