﻿Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17.01.2018
Ran by Zdenek (17-01-2018 15:41:00)
Running from C:\Users\Zdenek\Desktop
Microsoft Windows 10 Pro Version 1709 16299.192 (X86) (2017-12-14 13:47:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4082188929-3895119782-2185483832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4082188929-3895119782-2185483832-503 - Limited - Disabled)
Guest (S-1-5-21-4082188929-3895119782-2185483832-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4082188929-3895119782-2185483832-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-4082188929-3895119782-2185483832-504 - Limited - Disabled)
Zdenek (S-1-5-21-4082188929-3895119782-2185483832-1000 - Administrator - Enabled) => C:\Users\Zdenek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (HKLM\...\{23170F69-40C1-2701-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
aTube Catcher verze 3.8 (HKLM\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Avast Cleanup Premium (HKLM\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 17.2.3724.0 - AVAST Software)
Avast Pro Antivirus (HKLM\...\Avast Antivirus) (Version: 17.9.2322 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
DiskBase 5 (HKLM\...\DiskBase 5) (Version:  - )
Driver Booster 5 (HKLM\...\Driver Booster_is1) (Version: 5.1.0 - IObit)
DU Meter (HKLM\...\dumeter3_is1) (Version:  - Hagel Technologies)
foobar2000 v1.3.11 (HKLM\...\foobar2000) (Version: 1.3.11 - Peter Pawlowski)
Freemake Audio Converter verze 1.1.8 (HKLM\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)
Freemake Video Converter verze 4.1.10 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.10 - Ellora Assets Corporation)
Freemake YouTube To MP3 Boom (HKLM\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.4 - Ellora Assets Corporation)
Google Earth (HKLM\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1912 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 7.1.0.19 - IObit)
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4082188929-3895119782-2185483832-1000\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM\...\{58b3beca-b999-4f6f-a48c-81681136a620}) (Version: 14.10.25017.0 - Microsoft Corporation)
NeoDownloader Lite 2.9.4 (HKLM\...\{3CB3508A-5388-42FF-BDA6-43271D2C7F0A}_is1) (Version:  - Neowise Software)
Nero 7 Ultra Edition (HKLM\...\{F14B8ECC-BDA0-4987-9201-D7B7DBE11029}) (Version: 7.02.0936 - Nero AG)
Realtek Card Reader (HKLM\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Smart Defrag 5 (HKLM\...\Smart Defrag_is1) (Version: 5.8.0 - IObit)
TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Deployment Tools (HKLM\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} =>  -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-12-21] (AVAST Software)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight.dll [2017-05-22] (IObit)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A679DC7-8EA9-4512-A8C2-742825B0972B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {405AE617-CA82-4C9F-84AC-A33CD3484474} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5E89D379-9471-4281-BC83-263D350F6EB4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {72E712B8-00FD-4308-8693-F6CDB26B945E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-18] (Google Inc.)
Task: {894EA467-7E52-45B3-80B7-A72BBE9ECCCB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {8B17911D-D2C9-4165-B5FD-21DB89899E28} - System32\Tasks\{77F0CC73-CA94-489E-91E9-BAA6314DAEA0} => C:\Windows\system32\pcalua.exe -a C:\Users\Zdenek\AppData\Roaming\Seznam.cz\szninstall.exe -c -X
Task: {8C622CCD-FF1D-4210-B9D2-43192EF2F5E9} - System32\Tasks\Avast TUNEUP Update => C:\Program Files\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2017-12-13] (AVAST Software)
Task: {958AD4D5-329B-45E7-BE6F-4B49747AFFAA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {976F2734-3B07-4115-A1F5-62C4238888A1} - System32\Tasks\SmartDefrag_Update => C:\Program Files\IObit\Smart Defrag\AutoUpdate.exe [2017-07-28] (IObit)
Task: {9CE7E81D-31C5-4E82-AE8A-537A07BC4167} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-13] (Piriform Ltd)
Task: {A0630869-FC9F-41B1-87D0-3154FE2810AD} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {A0BCBC86-3B25-4048-A76F-E81F586CBF3F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-12-21] (AVAST Software)
Task: {A19CFF1F-DEDA-4DF6-AA2E-8DD02291085D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {A5F109A2-8AAB-4505-BA59-B9202659653A} - System32\Tasks\SafeZone scheduled Autoupdate 1463571501 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {A8F05B34-335B-4624-99F5-060F51831202} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AA23CB1F-D289-406A-B5DB-98782C49170E} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AA4C6651-1735-4829-BEF7-9203D374756E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-13] (Piriform Ltd)
Task: {B4222A88-FF5B-490F-866C-CBC6372C5460} - System32\Tasks\IObitSelfCheckTask => C:\Program Files\IObit\Smart Defrag\IObitSelfCheck.exe [2016-10-18] (IObit)
Task: {B73D28D4-B686-41AE-BA20-31F5809BC69B} - System32\Tasks\{D6745437-CAAF-43C7-9C5E-7AC1BF146348} => C:\Windows\system32\pcalua.exe -a C:\Users\Zdenek\Downloads\Apollo37zz.exe -d C:\Users\Zdenek\Downloads
Task: {BE291EF2-C98D-443B-8DE7-26279D326144} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C083AA2B-6F37-4364-B08C-76BAAA3FDA24} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {C3C79709-0D5B-479C-B00E-9E7275CEFFCD} - System32\Tasks\Driver Booster SkipUAC (Zdenek) => C:\Program Files\IObit\Driver Booster\5.1.0\DriverBooster.exe [2017-11-16] (IObit)
Task: {C9F5D2F0-6376-4D26-B0AE-BB7035BBAA84} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CF0D9A78-C093-483D-B77A-25A13F251C80} - System32\Tasks\{FEB3BBB7-86C7-4938-8E2F-290E4D9A12B6} => J:\Ú l o ž i š t ě\wab.exe [2010-10-11] (Microsoft Corporation)
Task: {CFEBB867-A8BA-45FF-B23F-A979949C6A93} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {D1653D67-7478-4141-A8A5-111DF3B0FE52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-18] (Google Inc.)
Task: {D51D955B-2223-49AD-9F69-FBD3114BB286} - System32\Tasks\{8DE37186-CBA2-4FEE-9151-654A63E89E4C} => J:\Ú l o ž i š t ě\wab.exe [2010-10-11] (Microsoft Corporation)
Task: {DDD0C773-0015-4068-A57E-0B843816B38B} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {E3D5804A-5685-4E3A-B1C9-ED6C2473C959} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-01-09] (AVAST Software)
Task: {E49B095A-A427-4BEF-9243-232B2A95E964} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E610812C-F968-4330-9153-C69434E67068} - System32\Tasks\Uninstaller_SkipUac_Zdenek => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2017-10-24] (IObit)
Task: {E63B9F49-A22B-4BFB-BE57-9142C7AEA1FF} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag\SmartDefrag.exe [2017-12-20] (IObit)
Task: {E8ABDFF4-B531-431C-A3CE-AA043A3758F7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F2088AF2-87D3-4ED6-BD28-4197F1E46F0B} - System32\Tasks\{5C7EE762-7AEF-487F-975F-50400C0A88D2} => J:\Ú l o ž i š t ě\wab.exe [2010-10-11] (Microsoft Corporation)
Task: {F489EC9D-B244-4606-9684-77B5A0B95CA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Zdenek.job => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-08-22 06:18 - 2017-05-22 11:16 - 000442144 _____ () C:\Program Files\IObit\IObit Uninstaller\madExcept_.bpl
2016-08-22 06:18 - 2017-05-22 11:16 - 000210720 _____ () C:\Program Files\IObit\IObit Uninstaller\madBasic_.bpl
2016-08-22 06:18 - 2017-05-22 11:16 - 000059680 _____ () C:\Program Files\IObit\IObit Uninstaller\madDisAsm_.bpl
2016-05-19 21:14 - 2016-01-11 17:03 - 000899872 _____ () C:\Program Files\IObit\Smart Defrag\webres.dll
2016-05-19 21:14 - 2016-01-11 17:02 - 000630048 _____ () C:\Program Files\IObit\Smart Defrag\ProductStatistics.dll
2017-12-21 17:29 - 2017-12-21 17:29 - 000057504 _____ () C:\Program Files\AVAST Software\Avast\dll_loader.dll
2017-12-21 17:29 - 2017-12-21 17:29 - 000058016 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-12-14 14:04 - 2017-12-14 14:04 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-14 14:04 - 2017-12-14 14:04 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-17 12:22 - 2017-05-22 11:17 - 000899872 _____ () C:\Program Files\IObit\IObit Uninstaller\webres.dll
2016-08-22 06:18 - 2017-05-23 18:57 - 000631584 _____ () C:\Program Files\IObit\IObit Uninstaller\ProductStatistics.dll
2016-08-22 06:18 - 2017-05-22 11:16 - 000524064 _____ () C:\Program Files\IObit\IObit Uninstaller\sqlite3.dll
2017-12-21 17:29 - 2017-12-21 17:29 - 000206152 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-04 02:43 - 2017-07-04 02:43 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-12-21 17:29 - 2017-12-21 17:29 - 000289272 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-12-21 17:29 - 2017-12-21 17:29 - 000282560 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-01-04 08:52 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files\AVAST Software\Avast Cleanup\libcef.dll
2018-01-09 04:21 - 2018-01-03 09:56 - 002195800 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.132\swiftshader\libglesv2.dll
2018-01-09 04:21 - 2018-01-03 09:56 - 000111448 _____ () C:\Program Files\Google\Chrome\Application\63.0.3239.132\swiftshader\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\01_CONFIG.SYS:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\01_user.js:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\log.txt:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2017-12-30 08:27 - 000000828 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4082188929-3895119782-2185483832-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "GrooveMonitor"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "NeroFilterCheck"
HKLM\...\StartupApproved\Run: => "IObit Malware Fighter"
HKU\S-1-5-21-4082188929-3895119782-2185483832-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4082188929-3895119782-2185483832-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4082188929-3895119782-2185483832-1000\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-4082188929-3895119782-2185483832-1000\...\StartupApproved\Run: => "Dashlane"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{107A17C5-7165-433F-A3EA-A6AF5A1C70D1}] => (Allow) C:\Program Files\IObit\Driver Booster\5.1.0\AutoUpdate.exe
FirewallRules: [{845F1805-934F-4D49-9E0B-E173DEFD0563}] => (Allow) C:\Program Files\IObit\Driver Booster\5.1.0\AutoUpdate.exe
FirewallRules: [{44B1C84A-4A0B-4B78-8CE7-22B2DE343748}] => (Allow) C:\Program Files\IObit\Driver Booster\5.1.0\DBDownloader.exe
FirewallRules: [{1B55E39E-04BE-4721-A42F-F60009BDFFC1}] => (Allow) C:\Program Files\IObit\Driver Booster\5.1.0\DBDownloader.exe
FirewallRules: [{AC52AF31-1306-48B4-9454-08BBC4922AD4}] => (Allow) C:\Program Files\IObit\Driver Booster\5.1.0\DriverBooster.exe
FirewallRules: [{0D27F1EF-81BF-4422-A06D-DEFAC21D6BF1}] => (Allow) C:\Program Files\IObit\Driver Booster\5.1.0\DriverBooster.exe
FirewallRules: [{50A93EF4-074B-4E04-B266-E24EB63B51CF}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_1\SZBrowser.exe
FirewallRules: [{B61B6613-3FE8-4F25-AE77-2A9CFD36C613}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{0988526A-FEAB-4EAD-BF18-E18D4FDB077A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_1\SZBrowser.exe
FirewallRules: [{08663085-5EDC-462B-9742-C469F576FA05}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{87AA0752-DF97-476E-9B39-CE5FD7C121E4}] => (Block) LPort=445
FirewallRules: [{C6C5EA04-7C36-431A-9996-964D8372CD1C}] => (Block) LPort=445
FirewallRules: [{83F9075F-3054-4E23-BB3A-BCF421DE1431}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{B1171803-C872-4C87-B30F-748FE46CA5D8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{EB847FEA-24B2-4F57-AE85-2A39B11E9E4B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{D6544A77-29AF-4F26-84C1-8B45DF49B529}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FE13588A-92AF-4364-84CB-90C89AFFC143}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

08-01-2018 02:19:25 Naplánovaný kontrolní bod
14-01-2018 00:00:38 Windows Zálohování

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/17/2018 03:29:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x598814db
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.16299.15, časové razítko: 0xff657678
Kód výjimky: 0xe0434352
Posun chyby: 0x0010c6d2
ID chybujícího procesu: 0x400
Čas spuštění chybující aplikace: 0x01d38f9f78c6edef
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 59d830f0-61bd-4e60-90f7-442f2d439d5b
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/17/2018 03:29:14 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
   na FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
   na FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
   na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   na System.Threading.ThreadPoolWorkQueue.Dispatch()
   na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/15/2018 09:56:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x598814db
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.16299.15, časové razítko: 0xff657678
Kód výjimky: 0xe0434352
Posun chyby: 0x0010c6d2
ID chybujícího procesu: 0x818
Čas spuštění chybující aplikace: 0x01d38e4340ab8c0a
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 727ad197-307e-46d1-bdcb-89b415f7f62e
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2018 09:56:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
   na FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
   na FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
   na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
   na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
   na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
   na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   na System.Threading.ThreadPoolWorkQueue.Dispatch()
   na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (01/15/2018 07:34:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.16299.192, časové razítko: 0xbfaaef78
Název chybujícího modulu: UninstallExplorer.dll_unloaded, verze: 1.0.7.16, časové razítko: 0x556c37e4
Kód výjimky: 0xc0000005
Posun chyby: 0x0002e000
ID chybujícího procesu: 0x340
Čas spuštění chybující aplikace: 0x01d389ae949bad94
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: UninstallExplorer.dll
ID zprávy: 73bda503-6a40-4d4b-996d-032cae018c07
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2018 12:01:27 AM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Zálohování nebylo úspěšné. Chyba: V umístění úložiště pro zálohování není dostatek místa pro zálohování dat. (0x80780048).

Error: (01/14/2018 12:01:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/14/2018 12:01:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/14/2018 12:01:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (01/14/2018 12:00:39 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (01/17/2018 03:37:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/17/2018 03:34:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Zjišťování interaktivních služeb byla ukončena s následující chybou: 
Nesprávná funkce.

Error: (01/17/2018 03:32:38 PM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Zdenek-PC\Zdenek (SID: S-1-5-21-4082188929-3895119782-2185483832-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2018 03:32:34 PM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Zdenek-PC\Zdenek (SID: S-1-5-21-4082188929-3895119782-2185483832-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2018 03:26:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Cleanup Premium byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (01/17/2018 03:26:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Řízení front zpráv byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (01/17/2018 03:26:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba IObit Uninstaller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/17/2018 03:23:21 PM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Zdenek-PC\Zdenek (SID: S-1-5-21-4082188929-3895119782-2185483832-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2018 03:22:51 PM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Zdenek-PC\Zdenek (SID: S-1-5-21-4082188929-3895119782-2185483832-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/17/2018 09:15:28 AM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli Zdenek-PC\Zdenek (SID: S-1-5-21-4082188929-3895119782-2185483832-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
  Date: 2018-01-10 02:25:03.098
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:25:03.015
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:25:02.936
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:25:02.659
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:25:02.621
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:25:02.569
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:25:00.711
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2018-01-10 02:24:59.531
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-16 22:33:49.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2017-12-16 22:33:49.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E6500 @ 2.93GHz
Percentage of memory in use: 80%
Total physical RAM: 2038.3 MB
Available physical RAM: 399.02 MB
Total Virtual: 4086.3 MB
Available Virtual: 2220.99 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.31 GB) (Free:165.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive j: (My Book ZT) (Fixed) (Total:930.86 GB) (Free:112.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 05E105E0)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 0002AE3F)
Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================