Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04.03.2018
Ran by Administrator (08-03-2018 17:23:32)
Running from C:\Users\Administrator\Desktop
Microsoft Windows 10 Pro Version 1709 16299.251 (X86) (2018-03-04 18:52:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-12593064-3215679268-4102683779-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-12593064-3215679268-4102683779-503 - Limited - Disabled)
Guest (S-1-5-21-12593064-3215679268-4102683779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-12593064-3215679268-4102683779-1002 - Limited - Enabled)
Luk (S-1-5-21-12593064-3215679268-4102683779-1000 - Limited - Enabled) => C:\Users\Luk
WDAGUtilityAccount (S-1-5-21-12593064-3215679268-4102683779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1310 (HKLM\...\{09F25F86-F957-4051-8AB2-0E0D948BBB5D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
3D Home Architect Design Suite Deluxe 8 (HKLM\...\{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}) (Version: 8.0 - Encore) Hidden
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AAC ACM Codec 1.9 (HKLM\...\AACACM) (Version: 1.9 - fccHandler)
Actual Bookmarks (HKLM\...\{933777E4-493D-4BCB-AE30-83AEAB0B40B9}) (Version: 1.5.0.0 - Andrei Barazdzin)
Adobe Acrobat  9 Standard - Czech, Hungarian, Polish, Slovak (HKLM\...\{AC76BA86-1029-4770-BA7E-000000000004}{AC76BA86-1029-4770-BA7E-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM\...\Arduino) (Version: 1.8.3 - Arduino LLC)
AutoCAD 2004 (HKLM\...\{5783F2D7-0201-0405-0002-0060B0CE6BBA}) (Version: 16.0.0.086 - Autodesk)
Autodesk Express Viewer (HKLM\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.)
Avidemux 2.7 - 32 bits (32-bit) (HKLM\...\Avidemux 2.7 - 32 bits) (Version: 2.7.0.170814 - )
AVS Video Converter 9.2.1 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 9.2.1.579 - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports  (09/27/2017 6.7.5.1893) (HKLM\...\3C57DA61F41601ACF85CC77F740AA00672E0BCD7) (Version: 09/27/2017 6.7.5.1893 - Silicon Laboratories Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
CDex - Digital Audio CD Extractor and Converter (HKLM\...\CDex) (Version: 1.82.0.2016 - CDex.mu)
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
Cumulus 1.9.4 (HKLM\...\Cumulus_is1) (Version:  - Sandaysoft)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight 2016 SP0 (HKLM\...\{F9037E40-DBCF-4050-B9F7-75C5BE2037A3}) (Version: 16.0.4061 - Dassault Systemes)
Dropbox (HKLM\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Exterminate It! (HKLM\...\Exterminate It!) (Version: 2.12.06.06 - CURIOLAB S.M.B.A.)
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Flash Loader Demonstrator V2.4.0 (HKLM\...\{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics) Hidden
Flash Loader Demonstrator V2.4.0 (HKLM\...\InstallShield_{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics)
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Pro (HKLM\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 65.0.3325.146 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP)
HP Support Solutions Framework (HKLM\...\{3D6FF65E-EE93-4D90-B5D7-0DC856E2AFEB}) (Version: 12.4.18.7 - HP)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HWiNFO32 Version 5.30 (HKLM\...\HWiNFO32_is1) (Version: 5.30 - Martin Malík - REALiX)
ImageToAVI 1.2.0.1 (HKLM\...\ImageToAVI Demo_is1) (Version:  - ASW Software)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Kalkules 1.9.4.23 (HKLM\...\{6541EA45-0665-4485-ABAA-417BC83AC92F}_is1) (Version:  - Jardo)
KeePass Password Safe 2.34 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LazyCam 3.00.2 (HKLM\...\LazyCam 3.00.2) (Version: 3.00.2 - ArtSoft Inc.)
Lenovo Phone Manager (HKLM\...\{60ED0039-C432-442B-9135-84C2D7AA2C48}) (Version: 1.4.1.14207 - Lenovo)
Lenovo_TAB_S850_V1.0.1 (HKLM\...\{D39B550E-FDD8-404D-8960-72D0894014E4}) (Version: 1.00.0000 - Unknown)
LenovoUsbDriver 1.1.23 (HKLM\...\LenovoUsbDriver) (Version: 1.1.23 - Lenovo)
Logic (HKLM\...\{65E91631-B0E2-4527-B910-60721D6D6AB0}) (Version: 1.2.11 - Saleae Inc)
Malwarebytes verze 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-12593064-3215679268-4102683779-500\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Network (HKLM\...\{75247E38-5C9B-45D6-ADF8-E11CB56B4990}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
PICAXE Editor (HKLM\...\{FB132572-1F29-409D-A626-CC88E56CF7C4}) (Version: 6.08.0011 - Revolution Education Ltd)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
PowerISO (HKLM\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PuTTY (HKLM\...\{ED9EF59B-0799-428E-823D-6D2B7B4FE2E0}) (Version: 0.67.0.0 - Simon Tatham)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
SafeCast Shared Components (HKLM\...\CdaC13Ba) (Version:  - Macrovision)
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SketchUp 2016 (HKLM\...\{06584914-3DC6-4C37-AB84-30342BB5D93D}) (Version: 16.0.19911 - Trimble Navigation Limited)
SketchUp 8 (HKLM\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
SmartPropoPlus 4.1.0.4 (HKLM\...\{2E84A5A4-351E-4B00-9926-F50DBD7481E9}_is1) (Version: 4.1.0.4 - Shaul Eizikovich)
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpyRemover Pro (HKLM\...\{7B731710-F63B-407E-B650-F5093EF878AF}) (Version: 1.0.0.11 - Support King LLC) Hidden
Stardock Fences 3 (HKLM\...\Stardock Fences 3) (Version: 3.03 - Stardock Software, Inc.)
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Termite (HKLM\...\Termite) (Version:  - CompuPhase)
Těžiště 1.0 (HKLM\...\Těžiště_is1) (Version:  - Pavel König)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Traccar version 3.8 (HKLM\...\Traccar_is1) (Version: 3.8 - )
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnHackMe 9.60 (HKLM\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateAssistant (HKLM\...\{39AC698E-D924-480D-AA20-07EA3072D04B}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ 8 (HKLM\...\{9FB0C789-72AB-4AE2-B04C-34ED8B94AC4B}) (Version: 8.2.3523.0 - Atomix Productions)
vJoy Device Driver 2.1.8.36 (HKLM\...\{8E31F76F-74C3-47F1-9550-E041EEDC5FBB}_is1) (Version: 2.1.8.36 - Shaul Eizikovich)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM\...\{3CC29C1A-B5FE-457B-8F22-32A3667A92C7}}_is1) (Version:  - windows-movie-maker.org)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version:  - )
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare AllMyTube(Build 4.2.2.0) (HKLM\...\Wondershare AllMyTube_is1) (Version: 4.2.2.0 - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2003-02-14] (Autodesk)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers1: [ContextMenuExt] -> {6ADF19E3-77A3-4395-ADB4-9FD7D351EB3E} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} =>  -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0325D9C5-C0FE-4143-8F93-3F0FB702909E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {051D4010-5285-4316-BE84-45527A7DA287} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05CC6A78-3E10-49F8-BEB7-47E3105B4F28} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06800DE2-357F-4487-A529-D5FE43BA0CCC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09579780-934A-4E01-BF2C-C4147F69A658} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B81ECF9-A72D-4ACD-AEB9-48489FD5892C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {105F35F4-7620-45AB-B9F0-DD1EF07DB77B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D5452EC-F008-4E83-9BC6-F32D6DFBB7EC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21CAE2A9-89B1-48A5-99F9-8AF9729D242F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2296497C-B3A0-4D51-B1D9-34A1FC165CD0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {29614B54-BA7C-44E3-839E-363451310FC1} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files\UnHackMe\hackmon.exe [2018-01-31] (Greatis Software)
Task: {2981B925-27ED-493E-8CFB-01BB91DFCFBD} - System32\Tasks\{2E900542-8D63-4AC1-AC56-056765B282D6} => C:\Program Files\AutoCAD 2004\acad.exe [2003-02-14] (Autodesk, Inc.)
Task: {3EF2034A-E916-499F-9220-0B7E026E4CE1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {3F9E72E3-078C-4EF3-9318-A8697EC20871} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4BF8531F-F33F-41DC-B0B7-54ADE598C24E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {51B40C19-56C4-49A3-9D64-9F5498D88CD6} - System32\Tasks\{86836F5D-54C8-431A-A371-5631424B1EA5} => C:\WINDOWS\system32\pcalua.exe -a "C:\ProgramData\FFinder LTD\products\FileFinder\uninstall\uninstall.exe"
Task: {524285E2-84B2-443F-BA55-957EA094D164} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {543CC25F-CD94-44A5-9A9F-529A67D3E246} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {56A475C5-D50A-4545-A284-3DB2C18931D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5C27D159-60D6-42A3-8269-EBAA13F0A9B8} - System32\Tasks\{622EFEF5-81FD-49B3-B94D-58E18C28E4D7} => C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~1\DIFX\277D1C50D2B49142\CP210xVCPInstaller_x86.exe -c /u C:\WINDOWS\System32\DriverStore\FileRepository\slabvcp.inf_x86_ab8310f5de07b344\slabvcp.inf
Task: {651E0331-278E-493C-808C-DDDC6D0DB5A4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6FF8B7D3-E26D-4CF3-AE81-25D93A2091E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {71B63F72-7E73-4DAF-9752-2EED2AB08F81} - System32\Tasks\{45ACBF88-62FA-4C44-B0B3-8D5497CA6293} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Luk\AppData\Roaming\baidu\BaiduNetdisk\uninst.exe
Task: {71DF8C6C-0517-4577-99F6-DECB7F1A2750} - System32\Tasks\{50EA218A-DC30-4917-B932-C701F4569701} => C:\WINDOWS\system32\pcalua.exe -a E:\Firefox_download\CDM_v2.12.00_WHQL_Certified.exe -d E:\Firefox_download
Task: {72A036E1-EAF7-4DD0-BC87-2BECAE3A3A97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {75013055-9361-45B2-B084-782BF0CB73C9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F935237-4AC4-450E-B1CA-71CF1F76DE4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {806DF997-4FB4-44DD-B315-CDFF92C18ADC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {81CBA33B-35F6-49E2-BC81-DFA7B43BE451} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85F3F498-4653-472E-BB62-FE39983BDBEB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {871744E9-7FAA-479A-9D45-45A17276E22D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {8B495CDD-29ED-4091-97B5-898AB18385F2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8B945B52-E292-4223-BC21-DAA59B7223EA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {915CC9B2-243A-4284-8D1B-7DE1AE00C9CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {9888C281-0A63-4EA2-9BD7-C3BF12BFEC9C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9C08D19C-68A1-4148-89E8-439240E8A73C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {9F31368C-C857-45B6-9150-2BAB7056BD87} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A57B3676-A079-4B7C-A865-43946AEBC47E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {A8519433-ADAC-4F85-8731-46C2A7277042} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-23] (Google Inc.)
Task: {B05EAF45-8363-4630-8FBF-58B3B9EA7E7A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B21AF315-EA88-47FF-A010-B7682CEB412A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB554AAC-461C-4C28-91EB-8F0D674162CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC709FBF-8F6D-4F58-8E30-52561087C086} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D174E36D-38C4-4D38-904E-B5BDCC94FD06} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-23] (Google Inc.)
Task: {D416744F-8804-470B-B6A1-8AEC2622191C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E0747D36-AD06-404B-A853-847CDA7B9627} - \Browser Updater Task(Core) -> No File <==== ATTENTION
Task: {E27208FB-DC2C-44BB-ABD4-EB590F77719C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EA1380B7-CEA3-45F1-ACAD-92BC6E85C449} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF00CDDA-7581-4B34-AE24-06D89CC7BDE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Baseflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mppkgnedeapfejgfimkdoninnofofigk
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Betaflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Cleanflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=enacoimjcgeinfnnnpajinjgmkahmfgb

==================== Loaded Modules (Whitelisted) ==============

2018-03-02 14:57 - 2017-11-29 09:11 - 001798608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-02 14:57 - 2017-11-29 09:11 - 001934792 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-02-28 10:35 - 2017-02-28 10:35 - 000033744 _____ () C:\Program Files\Support King LLC\SpyRemover Pro\Service\SpyRemoverService.exe
2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-27 21:05 - 2017-03-27 21:05 - 000081408 _____ () C:\WINDOWS\Wontrust.dll
2018-03-07 15:50 - 2018-02-22 01:12 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-07 15:49 - 2018-02-22 01:09 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000746312 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 002079048 _____ () C:\Program Files\Dropbox\Client\dropbox_crashpad.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000100312 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000018896 _____ () C:\Program Files\Dropbox\Client\select.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000020808 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000035808 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000694232 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000130520 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001856864 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000145880 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000116696 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000105944 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022872 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000063312 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024536 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000077120 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000020952 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000124888 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000116184 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000392664 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000392520 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000175576 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000030168 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000043480 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000026072 _____ () C:\Program Files\Dropbox\Client\win32job.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000048600 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000057816 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021840 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000023376 _____ () C:\Program Files\Dropbox\Client\winshell.compiled._winshell.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022864 _____ () C:\Program Files\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000066400 _____ () C:\Program Files\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001798464 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000084944 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001959232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 003863880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000155472 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000521544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000051024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000043336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000131400 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000219984 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000204104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000025440 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000060888 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000054616 _____ () C:\Program Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000087904 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000028632 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000027496 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000349144 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000101704 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000023904 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000025432 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000036312 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000032608 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000181064 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-02-28 19:50 - 2018-02-26 12:26 - 000030544 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000024384 _____ () C:\Program Files\Dropbox\Client\libEGL.DLL
2018-02-28 19:50 - 2018-02-26 12:26 - 001638208 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 014419416 _____ () C:\Program Files\Dropbox\Client\opengl32sw.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-04 12:00 - 2013-07-24 09:24 - 000137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2017-12-13 23:53 - 2017-12-13 23:53 - 002306968 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2017-12-13 23:53 - 2017-12-13 23:53 - 001621400 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\TEMP:63238B95 [128]
AlternateDataStreams: C:\ProgramData\TEMP:DDE29E40 [211]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-18 19:20 - 2018-03-06 19:42 - 000010326 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 12finance.com
0.0.0.0 12kotov.ru
0.0.0.0 1dnscontrol.com
0.0.0.0 adsrvr.org
0.0.0.0 adsymptotic.com
0.0.0.0 adturtle.biz
0.0.0.0 advertising.com
0.0.0.0 advmaker.su
0.0.0.0 agkn.com
0.0.0.0 akisho.ru
0.0.0.0 alphashoppers.com
0.0.0.0 altocloudmedia.com
0.0.0.0 amtomil.ru
0.0.0.0 appchucklegift.com
0.0.0.0 artolpo.ru
0.0.0.0 asedownloadgate.com
0.0.0.0 atwola.com
0.0.0.0 backupcdn.com
0.0.0.0 bestapps4ever161.download
0.0.0.0 bet-booom.ru
0.0.0.0 bfmio.com
0.0.0.0 bluekai.com
0.0.0.0 bundlessafevault.com
0.0.0.0 butcaketforthen.com
0.0.0.0 buzzrin.de
0.0.0.0 bywinners.men
0.0.0.0 carettuz.info
0.0.0.0 cdndepot.com
0.0.0.0 cd-sec.com

There are 395 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-12593064-3215679268-4102683779-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "hpqSRMon"
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C0B17C0E-F2DD-4F08-97E3-22549CC7C7DB}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{1CEC4F31-904F-41EC-AA8C-6A6BFBF2A7AD}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{0ACDC7B5-A737-4EC8-B108-F0FF043BCAB4}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{5704F91D-79CD-4EDA-A3FA-1A5306EBF6AE}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{D1EAEC0C-1217-4CE9-9DD1-9265AB443FE5}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FC09131E-24E0-4EBF-89BA-26BCECAC8E02}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{50BF1C79-6A7B-4709-85F6-1D468FC0BB72}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{B35A38C2-D930-469C-94DB-3BF50870E336}C:\program files\wondershare\allmytube\urlreqservice.exe] => (Allow) C:\program files\wondershare\allmytube\urlreqservice.exe
FirewallRules: [TCP Query User{56170FCE-47B0-4A5F-8B6A-C066CDE5FB43}C:\program files\wondershare\allmytube\urlreqservice.exe] => (Allow) C:\program files\wondershare\allmytube\urlreqservice.exe
FirewallRules: [UDP Query User{FA46D993-6F5E-41C2-B08B-47D9018C7035}C:\program files\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files\wondershare\allmytube\allmytube.exe
FirewallRules: [TCP Query User{9FCD3FF4-847A-4B7F-AEC5-10E735E2E5EB}C:\program files\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files\wondershare\allmytube\allmytube.exe
FirewallRules: [{EA516AF5-B076-4FE5-AA07-7CD0AB848B63}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CA4629CB-53FC-4CBD-B67A-264991BB52FE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D29761B9-3D5D-4CF9-BF68-6CA76EB8FE1B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{104B18CA-0E3A-4E7B-81A3-BB3C6E5BC909}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{C63C3BBD-04C8-403D-9A92-FC329EDE85FE}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe
FirewallRules: [TCP Query User{CFC563F2-998E-4C9B-AFF5-1CA3A84F1492}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe
FirewallRules: [UDP Query User{93A81BE8-DA80-4955-95F4-31703EAEB434}E:\firefox_download\hercules_3-2-8 (1).exe] => (Allow) E:\firefox_download\hercules_3-2-8 (1).exe
FirewallRules: [TCP Query User{DE553B26-4B1D-4D6E-9B0D-B4353E6ECD1C}E:\firefox_download\hercules_3-2-8 (1).exe] => (Allow) E:\firefox_download\hercules_3-2-8 (1).exe
FirewallRules: [UDP Query User{574A8A6A-828D-42AF-9FCB-619E26286738}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{6631441F-40B5-4592-82EC-FB095B39603C}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B50F8857-C0F7-4F55-BDDA-2256F9468E75}E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe] => (Allow) E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe
FirewallRules: [TCP Query User{30B75DBF-B2E4-41A0-A149-9ED78F0BF880}E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe] => (Allow) E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe
FirewallRules: [UDP Query User{6CD3F2C0-FB8F-4108-98C9-9F6A8C42524A}E:\firefox_download\hercules_3-2-8.exe] => (Block) E:\firefox_download\hercules_3-2-8.exe
FirewallRules: [TCP Query User{45A03F6C-0159-48A1-8C55-6A4C988AF708}E:\firefox_download\hercules_3-2-8.exe] => (Block) E:\firefox_download\hercules_3-2-8.exe
FirewallRules: [{AC39A7C0-03AB-4D41-87A7-F0C66E28842D}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7B5C4AEB-5A2E-47FC-A606-5FAD2BE07099}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7FF24114-4B12-4443-A1EF-84AA7972D766}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04857B8C-7B61-4D14-A83E-29F2D47545F0}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6AAA6A6-0899-4879-8B07-A034A7E08003}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC86D61B-2D91-42F9-812D-F2A6BF4FD20E}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{665616AD-EE67-45BA-A50E-76C72482848A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{26F66C5C-025F-436E-A6CA-9FA11A119BA6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A5BCA049-A930-4AA3-AB78-860A6CD816F5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{9AC2C5A9-A43B-4936-871E-7205891AC73E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{0F6B23ED-DD69-4BD2-B798-C2AC915D9F81}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{DB6C84D1-E280-44D6-B5EB-A4C289F745C5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F14EAAD7-74A7-4270-8108-EF0DA9ECA38D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{EC666B98-2AC0-4C64-94C3-8822331D3312}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{1AFDACC7-C551-48F2-ACE3-5BBFCB83A6FE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{71FCE5C9-BC2A-40BB-993E-75B40E10A4D4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B5DA9F6D-F106-49D8-9105-0719D35C5C3B}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{B0418EF6-5D7E-4EE1-A74E-3007D54071F6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{96F399B1-234B-458C-B396-E8226AC35EA3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{A41C4385-52AE-4E69-8DB2-3E183A99B8CC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{14EB3850-7FA8-48F0-94FE-08D33002756C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F815B4E2-E783-4E8F-A20D-3E425811DCF9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B8722279-36B6-4EA5-B2EB-BF6E621CAB86}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{66FB0280-C1B6-40DD-9361-5420370AAB7C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{985DB399-2B0B-4DEE-A627-6C8C6A4F8603}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7357C71B-FC2B-451D-837F-7CB45C419FAA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{B13D1BB2-DA4D-4855-87D1-70FB1F4A93B3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4C77CC34-9FF1-4DA8-A6C7-D4A5651559FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2944999D-2CCF-4AED-8D01-39E7B213D85F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{9B5D2A5B-5B3F-4723-88F2-739CCE73857A}] => (Allow) LPort=1900
FirewallRules: [{DF96E242-4560-4672-A699-AE9437BBE765}] => (Allow) LPort=2869
FirewallRules: [{E9EF5156-8814-4C56-8AFE-CEBFD1330AC5}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{37B82F63-E1C3-4636-BCB9-1CA274A53BA7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA9}}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777934}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA8}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe
FirewallRules: [{42937002-799B-470C-8F75-6E0B470F2EA1}] => (Allow) C:\Program Files\UnHackMe\RegRunInfo.exe
FirewallRules: [{30B24B4F-EE43-4DE5-BE5F-4410ECCC1876}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{E84C78E9-BAFF-45AC-BC88-456CADEBF9EA}] => (Allow) C:\Program Files\UnHackMe\RegRunInfo.exe
FirewallRules: [{EECAA9A9-CBA0-4759-804A-3B34C81B71D5}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{884C253B-12F8-472C-A186-76D43732F40B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2018 02:23:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WINSCOPE.EXE, verze: 0.0.0.0, časové razítko: 0xa0c7236a
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.248, časové razítko: 0xe173fd8d
Kód výjimky: 0xc0000374
Posun chyby: 0x000ebf4b
ID chybujícího procesu: 0x2068
Čas spuštění chybující aplikace: 0x01d3b6e02c28a268
Cesta k chybující aplikaci: C:\Users\Luk\AppData\Local\Temp\_tc\WINSCOPE.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 7d76e180-ef33-46e4-a828-697cfe799e5c
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/08/2018 01:52:09 PM) (Source: Windows Search Service) (EventID: 3083) (User: )
Description: Popisovač protokolu OneIndex nebyl načten. Popis chyby: Uvedený modul nebyl nalezen.  (HRESULT : 0x8007007e).

Error: (03/07/2018 08:24:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LukKuk)
Description: Balíček Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/07/2018 01:52:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LukKuk)
Description: Balíček Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/07/2018 01:50:46 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/07/2018 01:47:38 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů Outlook. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (03/07/2018 09:41:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: LukKuk)
Description: Balíček windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel se ukončil, protože jeho pozastavování trvalo moc dlouho.

Error: (03/07/2018 09:23:01 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\AVG\Antivirus\setup\iplugins\IStats.dll se nezdařilo.
Závislé sestavení Avast.VC110.CRT,processorArchitecture="x86",publicKeyToken="2036b14a11e83e4a",type="win32",version="11.0.60610.1" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 a APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/08/2018 05:20:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-03-07 14:09:12.989
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Tiggre!rfn&threatid=2147723625&enterprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\Luk\AppData\Local\Microsoft\Windows\INetCache\Low\IE\0E2G2VJQ\FRSTLauncher[1].exe
Původ zjišťování: Internet
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LukKuk\Luk
Název procesu: C:\Program Files\Internet Explorer\iexplore.exe
Verze podpisu: AV: 1.263.124.0, AS: 1.263.124.0, NIS: 118.2.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

CodeIntegrity:
===================================

Date: 2018-03-08 17:14:20.995
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:14:13.181
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:13:43.121
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:11:04.021
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:10:57.647
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:10:27.491
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:10:24.631
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-08 17:10:13.381
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.40GHz
Percentage of memory in use: 60%
Total physical RAM: 3063.18 MB
Available physical RAM: 1214.2 MB
Total Virtual: 4343.18 MB
Available Virtual: 2283.52 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:74.08 GB) (Free:7.24 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:639.56 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:74.53 GB) (Free:13.59 GB) NTFS

\\?\Volume{15e2610d-0000-0000-0000-308512000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 197CA533)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 15E2610D)
Partition 1: (Active) - (Size=74.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 57B3BD87)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================