Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2017
Ran by já (18-07-2017 21:05:49)
Running from C:\Users\já\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-08 19:30:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1325302123-2493504548-3556038974-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1325302123-2493504548-3556038974-503 - Limited - Disabled)
Guest (S-1-5-21-1325302123-2493504548-3556038974-501 - Limited - Disabled)
já (S-1-5-21-1325302123-2493504548-3556038974-1001 - Administrator - Enabled) => C:\Users\já

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Disabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Disabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Antivirus (Disabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.0.0.1 (HKLM-x32\...\YeaDesktop) (Version: 1.0.0.1 - ) <==== ATTENTION
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{315BE77E-D725-477D-9C71-63F78844363C}) (Version: 12.2.2.172 - Adobe Systems, Inc)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AVG (HKLM\...\{434FBA38-0562-4F98-9436-4B45C0C0EF0B}) (Version: 1.201.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Protection (HKLM-x32\...\AVG Antivirus) (Version: 17.4.3014 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.8.510 - AVG Technologies)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)
Facebook Gameroom 1.4.6373.26636 (HKLM-x32\...\{62E64CE0-AA1E-4F83-BC24-86D9AD6A1C30}) (Version: 1.4.6373.26636 - Facebook)
FMW 1 (HKLM\...\{8DF0D8D9-0C24-47EB-9738-376DD2705133}) (Version: 1.214.2 - AVG Technologies) Hidden
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.15.0414.1 - Vimicro)
LibreOffice 5.2.3.3 (HKLM\...\{CDBD2338-897B-432E-8424-EBC1290493DF}) (Version: 5.2.3.3 - The Document Foundation)
Microsoft OneDrive (HKU\S-1-5-21-1325302123-2493504548-3556038974-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 54.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 54.0.1 (x64 cs)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.6.0 - Microleaves) Hidden <==== ATTENTION
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.25.1-r123776-release - Plays.tv, LLC)
Pomocník při upgradu na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation)
Seznam Software (HKU\S-1-5-21-1325302123-2493504548-3556038974-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.1 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-1325302123-2493504548-3556038974-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
YTD Video Downloader 5.8.3 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.3 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers01: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-06-03] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers01: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers01: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers01: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers01: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers03: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers04: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers06: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-06-03] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers06: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers06: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0207DEE8-D73D-4870-B90E-0E15839ADC4E} - System32\Tasks\Pensian Analyser => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Pensian Analyser\Pensian Analyser.dll",LjcftxB <==== ATTENTION
Task: {11D6FBBF-1B56-4B0D-BECB-F49785AA1128} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {399863ED-AE40-4B56-9812-FB828D7729E4} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-09-16] (Advanced Micro Devices, Inc.)
Task: {3DD47A38-1310-400C-B097-6441075C1A27} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {49767742-3FFE-441C-AC54-C53E8C112C7E} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\já\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {4F363410-D3EC-4750-B1D7-BE30B9D95E28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {5BEAAB74-8371-46C5-BD5C-9997863E7039} - System32\Tasks\Online Application V2G3 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-02-07] (Microleaves LTD)
Task: {603457D8-E80E-4A8E-B918-487036B84B64} - System32\Tasks\Online Application V2G2 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-02-07] (Microleaves LTD)
Task: {6DACD14B-6DEE-4715-8DD7-A58C7B329D66} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-12] (Adobe Systems Incorporated)
Task: {784FDF27-4C0B-4582-9AAB-163DE25C208E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-07] (Google Inc.)
Task: {8D65B86B-6924-4B6C-B58B-FDC2E2624AF3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {AF1D70A3-0C97-4E45-A16D-3AB029919410} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {D837AFA3-2395-408C-BF86-0D9568BD8CEB} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-06-03] (AVG Technologies CZ, s.r.o.)
Task: {EB81AAA4-64B6-4E48-B486-85A8D6EE2761} - System32\Tasks\Online Application V2G1 => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe [2017-02-07] (Microleaves LTD)
Task: {ED736AFA-0CFF-46A9-909F-CA2038996644} - System32\Tasks\Updater_Online_Application => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe [2017-04-18] (Microleaves)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Online Application V2G1.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G2.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Online Application V2G3.job => C:\Program Files (x86)\Microleaves\Online Application\Version 2.6.0\Online-Guardian.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\Updater_Online_Application.job => C:\Program Files (x86)\Microleaves\Online Application\Online Application Updater.exe <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI_ActiveScriptEventConsumer_ASEC: <==== ATTENTION

ShortcutWithArgument: C:\Users\já\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\J8D6B~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\J8D6B~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --load-extension="C:\Users\J8D6B~1\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk" hxxp://www.yeadesktopbr.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeadesktopbr.com/

==================== Loaded Modules (Whitelisted) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-16 14:36 - 2017-06-21 09:48 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-18 14:00 - 2015-06-01 13:16 - 02483200 _____ () C:\Program Files\Pensian Analyser\Pensian Analyser.dll
2016-09-02 06:33 - 2017-06-16 17:25 - 00981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2016-09-21 18:47 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-18 23:28 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-18 23:30 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-18 23:30 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-18 23:30 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-07-16 14:36 - 2017-06-21 08:35 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-07-16 14:36 - 2017-06-21 08:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-01-19 20:35 - 2017-06-16 17:25 - 02184776 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2016-08-26 20:25 - 2016-08-26 20:25 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00020184 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2017-07-18 06:07 - 2017-07-18 11:49 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-07-18 06:07 - 2017-07-18 11:49 - 00203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-07-18 06:07 - 2017-07-18 11:49 - 43573248 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-07-18 06:07 - 2017-07-18 11:49 - 02435584 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\skypert.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-11-28 19:59 - 2016-11-28 19:59 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-06-03 21:06 - 2017-06-03 21:06 - 00171344 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-06-03 21:07 - 2017-06-03 21:07 - 00999024 _____ () C:\Program Files (x86)\AVG\Antivirus\AvChrome.dll
2017-06-03 21:07 - 2017-06-03 21:07 - 67717632 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-06-03 21:06 - 2017-06-03 21:06 - 00178120 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-06-03 21:06 - 2017-06-03 21:06 - 00224352 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-06-03 21:06 - 2017-06-03 21:06 - 00685784 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-06-13 14:46 - 2017-06-13 14:46 - 01162752 _____ () C:\Users\já\AppData\Local\Facebook\Games\CefSharp.Core.dll
2017-06-13 14:46 - 2017-06-13 14:46 - 67197440 _____ () C:\Users\já\AppData\Local\Facebook\Games\libcef.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00084992 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtSvg.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00035328 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\simplejson._speedups.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2017-06-29 20:41 - 2017-06-29 20:41 - 00013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 01983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 02653904 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2017-06-29 20:41 - 2017-06-29 20:41 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2017-06-29 20:41 - 2017-06-29 20:41 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2017-06-13 14:46 - 2017-06-13 14:46 - 00752640 _____ () C:\Users\já\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2017-06-13 14:46 - 2017-06-13 14:46 - 01886208 _____ () C:\Users\já\AppData\Local\Facebook\Games\libglesv2.dll
2017-06-13 14:46 - 2017-06-13 14:46 - 00078848 _____ () C:\Users\já\AppData\Local\Facebook\Games\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2016-10-30 16:21 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1325302123-2493504548-3556038974-1001\Control Panel\Desktop\\Wallpaper -> F:\Tapety\036.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "WindowsDefender"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{284E4172-8B09-455D-9A68-C52FA982EF5B}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{3F7EC183-9C98-4882-86F4-9D2D7DB0F9DE}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{FD9FFD74-7A5E-4C5A-B758-B36F998E3122}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{5DD33E68-4638-4F65-BC97-325F1342F83A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{D8F4E4E0-29A1-4DA9-B3A7-CF339130687B}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{65C92AA3-0401-4257-932A-1B594B93364F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8F97188A-00AA-4CCC-95BC-D4AF2F0E669F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{477F9960-18B3-4054-9D29-1CFF431F267A}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{11FE02B5-99F9-4C30-8104-10A90D9F78B6}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{6142FF32-317B-4724-BAC4-7AF2B2098C41}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{86B36BBE-92DF-4CEA-9F87-842839384B98}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{B3FB7E3B-2E88-4C37-A4A5-8B35390F29CF}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{B3E568AA-C58B-45D5-88A7-2057E8134D31}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe
FirewallRules: [{3691BD85-422F-4D41-9F33-E87B26E16446}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [TCP Query User{5D8E76F7-7CE0-42C7-83AC-E88C3A4B958F}C:\program files (x86)\picosmostools\picosmostools.exe] => (Allow) C:\program files (x86)\picosmostools\picosmostools.exe
FirewallRules: [UDP Query User{9F963E1E-D400-49F2-A9CC-122BAA71E246}C:\program files (x86)\picosmostools\picosmostools.exe] => (Allow) C:\program files (x86)\picosmostools\picosmostools.exe
FirewallRules: [{A51361D5-0258-4542-85F0-8CBF52C62D91}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{97C117F1-B366-4920-9245-05213FC8BF86}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{1FC019CB-4B51-49ED-A375-5FE0724BB7AD}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{84CF4FAF-EED9-42AA-A7A9-EEB4EBB1EFE5}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{B5800580-C346-4C2A-87DE-F7E7AA474609}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{3DCD9309-EDA0-4077-8D83-BDA9BA20E2FD}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{0BAA829E-4107-4BE9-A815-6713AB836ACA}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{8317478B-BF29-41C4-ACC4-3B46BCCCA1B6}] => (Allow) C:\Windows\System32\rundll32.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/18/2017 08:58:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\AVG\Antivirus\defs\17071802\aswEngin.dll se nezdařilo.
Závislé sestavení Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2017 08:53:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\AVG\Antivirus\defs\17071802\aswEngin.dll se nezdařilo.
Závislé sestavení Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2017 08:26:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-I1NJ20H)
Description: Aplikaci Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App se nepovedlo aktivovat, protože došlo k chybě: -2144927141. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/18/2017 08:10:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\AVG\Antivirus\defs\17071802\aswEngin.dll se nezdařilo.
Závislé sestavení Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2017 07:42:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\AVG\Antivirus\defs\17071802\aswEngin.dll se nezdařilo.
Závislé sestavení Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2017 07:36:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\AVG\Antivirus\defs\17071802\aswEngin.dll se nezdařilo.
Závislé sestavení Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2017 07:35:15 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\AVG\Antivirus\defs\17071802\aswEngin.dll se nezdařilo.
Závislé sestavení Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (07/18/2017 06:01:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-I1NJ20H)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/18/2017 05:56:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-I1NJ20H)
Description: Aplikaci Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.

Error: (07/18/2017 05:37:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-I1NJ20H)
Description: Aplikaci Microsoft.Getstarted_5.10.1441.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca se nepovedlo aktivovat, protože došlo k chybě: -2144927149. Další informace najdete v protokolu Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (07/18/2017 09:06:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: Služba Automatická konfigurace sítě WLAN zjistila při resetování nebo zotavení adaptéru omezené připojení.

 Kód: 8 0x0 0x0

Error: (07/18/2017 09:06:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: Služba Automatická konfigurace sítě WLAN zjistila při resetování nebo zotavení adaptéru omezené připojení.

 Kód: 2 0xdeaddeed 0xeeec

Error: (07/18/2017 09:06:29 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: Služba Automatická konfigurace sítě WLAN zjistila při resetování nebo zotavení adaptéru omezené připojení.

 Kód: 1 0xc 0x4

Error: (07/18/2017 08:28:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba CDPUserSvc_27c5b byla ukončena s následující chybou: 
Nespecifikovaná chyba

Error: (07/18/2017 08:28:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba AdService byla ukončena s následující chybou: 
Uvedený modul nebyl nalezen.

Error: (07/18/2017 08:26:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I1NJ20H)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2017 08:26:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I1NJ20H)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2017 08:26:43 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I1NJ20H)
Description: Server {F9717507-6651-4EDB-BFF7-AE615179BCCF} se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2017 08:26:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I1NJ20H)
Description: Server App.AppXnj15y08s32hbvwzw3sd5cvsbcgztyexk.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (07/18/2017 08:26:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2017-04-29 21:35:33.113
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:35:31.703
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:35:30.918
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:35:26.860
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:35:26.598
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:35:26.243
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:35:05.040
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:24:37.528
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:24:36.643
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 21:24:31.762
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: AMD E-300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 78%
Total physical RAM: 1642.9 MB
Available physical RAM: 346.87 MB
Total Virtual: 4714.9 MB
Available Virtual: 2403.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:103.47 GB) (Free:35.6 GB) NTFS
Drive d: () (Fixed) (Total:361.33 GB) (Free:263.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DFCE7FC2)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=103.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=486 MB) - (Type=27)
Partition 4: (Not Active) - (Size=361.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================