Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10.03.2018
Ran by Administrator (10-03-2018 20:37:49)
Running from C:\Users\Administrator\Desktop
Microsoft Windows 10 Pro Version 1709 16299.251 (X86) (2018-03-04 18:52:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-12593064-3215679268-4102683779-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-12593064-3215679268-4102683779-503 - Limited - Disabled)
Guest (S-1-5-21-12593064-3215679268-4102683779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-12593064-3215679268-4102683779-1002 - Limited - Enabled)
Luk (S-1-5-21-12593064-3215679268-4102683779-1000 - Limited - Enabled) => C:\Users\Luk
WDAGUtilityAccount (S-1-5-21-12593064-3215679268-4102683779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1310 (HKLM\...\{09F25F86-F957-4051-8AB2-0E0D948BBB5D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
3D Home Architect Design Suite Deluxe 8 (HKLM\...\{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}) (Version: 8.0 - Encore) Hidden
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AAC ACM Codec 1.9 (HKLM\...\AACACM) (Version: 1.9 - fccHandler)
Actual Bookmarks (HKLM\...\{933777E4-493D-4BCB-AE30-83AEAB0B40B9}) (Version: 1.5.0.0 - Andrei Barazdzin)
Adobe Acrobat  9 Standard - Czech, Hungarian, Polish, Slovak (HKLM\...\{AC76BA86-1029-4770-BA7E-000000000004}{AC76BA86-1029-4770-BA7E-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM\...\Arduino) (Version: 1.8.3 - Arduino LLC)
AutoCAD 2004 (HKLM\...\{5783F2D7-0201-0405-0002-0060B0CE6BBA}) (Version: 16.0.0.086 - Autodesk)
Autodesk Express Viewer (HKLM\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.)
Avidemux 2.7 - 32 bits (32-bit) (HKLM\...\Avidemux 2.7 - 32 bits) (Version: 2.7.0.170814 - )
AVS Video Converter 9.2.1 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 9.2.1.579 - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports  (09/27/2017 6.7.5.1893) (HKLM\...\3C57DA61F41601ACF85CC77F740AA00672E0BCD7) (Version: 09/27/2017 6.7.5.1893 - Silicon Laboratories Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
CDex - Digital Audio CD Extractor and Converter (HKLM\...\CDex) (Version: 1.82.0.2016 - CDex.mu)
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
Cumulus 1.9.4 (HKLM\...\Cumulus_is1) (Version:  - Sandaysoft)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight 2016 SP0 (HKLM\...\{F9037E40-DBCF-4050-B9F7-75C5BE2037A3}) (Version: 16.0.4061 - Dassault Systemes)
Dropbox (HKLM\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Exterminate It! (HKLM\...\Exterminate It!) (Version: 2.12.06.06 - CURIOLAB S.M.B.A.)
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Flash Loader Demonstrator V2.4.0 (HKLM\...\{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics) Hidden
Flash Loader Demonstrator V2.4.0 (HKLM\...\InstallShield_{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics)
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Pro (HKLM\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 65.0.3325.146 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP)
HP Support Solutions Framework (HKLM\...\{3D6FF65E-EE93-4D90-B5D7-0DC856E2AFEB}) (Version: 12.4.18.7 - HP)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HWiNFO32 Version 5.30 (HKLM\...\HWiNFO32_is1) (Version: 5.30 - Martin Malík - REALiX)
ImageToAVI 1.2.0.1 (HKLM\...\ImageToAVI Demo_is1) (Version:  - ASW Software)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Kalkules 1.9.4.23 (HKLM\...\{6541EA45-0665-4485-ABAA-417BC83AC92F}_is1) (Version:  - Jardo)
KeePass Password Safe 2.34 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LazyCam 3.00.2 (HKLM\...\LazyCam 3.00.2) (Version: 3.00.2 - ArtSoft Inc.)
Lenovo Phone Manager (HKLM\...\{60ED0039-C432-442B-9135-84C2D7AA2C48}) (Version: 1.4.1.14207 - Lenovo)
Lenovo_TAB_S850_V1.0.1 (HKLM\...\{D39B550E-FDD8-404D-8960-72D0894014E4}) (Version: 1.00.0000 - Unknown)
LenovoUsbDriver 1.1.23 (HKLM\...\LenovoUsbDriver) (Version: 1.1.23 - Lenovo)
Logic (HKLM\...\{65E91631-B0E2-4527-B910-60721D6D6AB0}) (Version: 1.2.11 - Saleae Inc)
Malwarebytes verze 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-12593064-3215679268-4102683779-500\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Network (HKLM\...\{75247E38-5C9B-45D6-ADF8-E11CB56B4990}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
PICAXE Editor (HKLM\...\{FB132572-1F29-409D-A626-CC88E56CF7C4}) (Version: 6.08.0011 - Revolution Education Ltd)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
PowerISO (HKLM\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PuTTY (HKLM\...\{ED9EF59B-0799-428E-823D-6D2B7B4FE2E0}) (Version: 0.67.0.0 - Simon Tatham)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
SafeCast Shared Components (HKLM\...\CdaC13Ba) (Version:  - Macrovision)
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SketchUp 2016 (HKLM\...\{06584914-3DC6-4C37-AB84-30342BB5D93D}) (Version: 16.0.19911 - Trimble Navigation Limited)
SketchUp 8 (HKLM\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpyRemover Pro (HKLM\...\{7B731710-F63B-407E-B650-F5093EF878AF}) (Version: 1.0.0.11 - Support King LLC) Hidden
Stardock Fences 3 (HKLM\...\Stardock Fences 3) (Version: 3.03 - Stardock Software, Inc.)
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Termite (HKLM\...\Termite) (Version:  - CompuPhase)
Těžiště 1.0 (HKLM\...\Těžiště_is1) (Version:  - Pavel König)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Traccar version 3.8 (HKLM\...\Traccar_is1) (Version: 3.8 - )
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnHackMe 9.60 (HKLM\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateAssistant (HKLM\...\{39AC698E-D924-480D-AA20-07EA3072D04B}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ 8 (HKLM\...\{9FB0C789-72AB-4AE2-B04C-34ED8B94AC4B}) (Version: 8.2.3523.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM\...\{3CC29C1A-B5FE-457B-8F22-32A3667A92C7}}_is1) (Version:  - windows-movie-maker.org)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version:  - )
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare AllMyTube(Build 4.2.2.0) (HKLM\...\Wondershare AllMyTube_is1) (Version: 4.2.2.0 - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2003-02-14] (Autodesk)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {051D4010-5285-4316-BE84-45527A7DA287} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05CC6A78-3E10-49F8-BEB7-47E3105B4F28} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06800DE2-357F-4487-A529-D5FE43BA0CCC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09579780-934A-4E01-BF2C-C4147F69A658} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B81ECF9-A72D-4ACD-AEB9-48489FD5892C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {105F35F4-7620-45AB-B9F0-DD1EF07DB77B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D5452EC-F008-4E83-9BC6-F32D6DFBB7EC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21CAE2A9-89B1-48A5-99F9-8AF9729D242F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2296497C-B3A0-4D51-B1D9-34A1FC165CD0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {29614B54-BA7C-44E3-839E-363451310FC1} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files\UnHackMe\hackmon.exe [2018-01-31] (Greatis Software)
Task: {2981B925-27ED-493E-8CFB-01BB91DFCFBD} - System32\Tasks\{2E900542-8D63-4AC1-AC56-056765B282D6} => C:\Program Files\AutoCAD 2004\acad.exe [2003-02-14] (Autodesk, Inc.)
Task: {3EF2034A-E916-499F-9220-0B7E026E4CE1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {3F9E72E3-078C-4EF3-9318-A8697EC20871} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {51B40C19-56C4-49A3-9D64-9F5498D88CD6} - System32\Tasks\{86836F5D-54C8-431A-A371-5631424B1EA5} => C:\WINDOWS\system32\pcalua.exe -a "C:\ProgramData\FFinder LTD\products\FileFinder\uninstall\uninstall.exe"
Task: {524285E2-84B2-443F-BA55-957EA094D164} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {56A475C5-D50A-4545-A284-3DB2C18931D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5C27D159-60D6-42A3-8269-EBAA13F0A9B8} - System32\Tasks\{622EFEF5-81FD-49B3-B94D-58E18C28E4D7} => C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~1\DIFX\277D1C50D2B49142\CP210xVCPInstaller_x86.exe -c /u C:\WINDOWS\System32\DriverStore\FileRepository\slabvcp.inf_x86_ab8310f5de07b344\slabvcp.inf
Task: {651E0331-278E-493C-808C-DDDC6D0DB5A4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6FF8B7D3-E26D-4CF3-AE81-25D93A2091E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {71B63F72-7E73-4DAF-9752-2EED2AB08F81} - System32\Tasks\{45ACBF88-62FA-4C44-B0B3-8D5497CA6293} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Luk\AppData\Roaming\baidu\BaiduNetdisk\uninst.exe
Task: {71DF8C6C-0517-4577-99F6-DECB7F1A2750} - System32\Tasks\{50EA218A-DC30-4917-B932-C701F4569701} => C:\WINDOWS\system32\pcalua.exe -a E:\Firefox_download\CDM_v2.12.00_WHQL_Certified.exe -d E:\Firefox_download
Task: {72A036E1-EAF7-4DD0-BC87-2BECAE3A3A97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {75013055-9361-45B2-B084-782BF0CB73C9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F935237-4AC4-450E-B1CA-71CF1F76DE4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {806DF997-4FB4-44DD-B315-CDFF92C18ADC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {81CBA33B-35F6-49E2-BC81-DFA7B43BE451} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85F3F498-4653-472E-BB62-FE39983BDBEB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {871744E9-7FAA-479A-9D45-45A17276E22D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {8B495CDD-29ED-4091-97B5-898AB18385F2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {915CC9B2-243A-4284-8D1B-7DE1AE00C9CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {9888C281-0A63-4EA2-9BD7-C3BF12BFEC9C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F31368C-C857-45B6-9150-2BAB7056BD87} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A57B3676-A079-4B7C-A865-43946AEBC47E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {A8519433-ADAC-4F85-8731-46C2A7277042} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-23] (Google Inc.)
Task: {B05EAF45-8363-4630-8FBF-58B3B9EA7E7A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B21AF315-EA88-47FF-A010-B7682CEB412A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB554AAC-461C-4C28-91EB-8F0D674162CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC709FBF-8F6D-4F58-8E30-52561087C086} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D416744F-8804-470B-B6A1-8AEC2622191C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E27208FB-DC2C-44BB-ABD4-EB590F77719C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EA1380B7-CEA3-45F1-ACAD-92BC6E85C449} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FF00CDDA-7581-4B34-AE24-06D89CC7BDE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Baseflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mppkgnedeapfejgfimkdoninnofofigk
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Betaflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Cleanflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=enacoimjcgeinfnnnpajinjgmkahmfgb

==================== Loaded Modules (Whitelisted) ==============

2018-03-09 11:45 - 2018-03-01 10:31 - 001908512 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-09 11:45 - 2018-02-05 14:44 - 001935136 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-02-28 10:35 - 2017-02-28 10:35 - 000033744 _____ () C:\Program Files\Support King LLC\SpyRemover Pro\Service\SpyRemoverService.exe
2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-27 21:05 - 2017-03-27 21:05 - 000081408 _____ () C:\WINDOWS\Wontrust.dll
2018-03-07 15:50 - 2018-02-22 01:12 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-07 15:49 - 2018-02-22 01:09 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000746312 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 002079048 _____ () C:\Program Files\Dropbox\Client\dropbox_crashpad.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000100312 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000018896 _____ () C:\Program Files\Dropbox\Client\select.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000020808 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000035808 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000694232 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000130520 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001856864 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000145880 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000116696 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000105944 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022872 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000063312 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024536 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000077120 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000020952 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000124888 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000116184 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000392664 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000392520 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000175576 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000030168 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000043480 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000026072 _____ () C:\Program Files\Dropbox\Client\win32job.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000048600 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000057816 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021840 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000023376 _____ () C:\Program Files\Dropbox\Client\winshell.compiled._winshell.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022864 _____ () C:\Program Files\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000066400 _____ () C:\Program Files\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001798464 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000084944 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001959232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 003863880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000155472 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000521544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000051024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000043336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000131400 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000219984 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000204104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000025440 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000060888 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000054616 _____ () C:\Program Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000087904 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000028632 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000027496 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000349144 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000101704 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000023904 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000025432 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000036312 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000032608 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000181064 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-02-28 19:50 - 2018-02-26 12:26 - 000030544 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000024384 _____ () C:\Program Files\Dropbox\Client\libEGL.DLL
2018-02-28 19:50 - 2018-02-26 12:26 - 001638208 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 014419416 _____ () C:\Program Files\Dropbox\Client\opengl32sw.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-04 12:00 - 2013-07-24 09:24 - 000137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-18 19:20 - 2018-03-09 11:29 - 000011133 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.0 12finance.com
0.0.0.0 12kotov.ru
0.0.0.0 1dnscontrol.com
0.0.0.0 adsrvr.org
0.0.0.0 adsymptotic.com
0.0.0.0 adturtle.biz
0.0.0.0 advertising.com
0.0.0.0 advmaker.su
0.0.0.0 agkn.com
0.0.0.0 akisho.ru
0.0.0.0 alphashoppers.com
0.0.0.0 altocloudmedia.com
0.0.0.0 amtomil.ru
0.0.0.0 appchucklegift.com
0.0.0.0 artolpo.ru
0.0.0.0 asedownloadgate.com
0.0.0.0 atwola.com
0.0.0.0 backupcdn.com
0.0.0.0 bestapps4ever161.download
0.0.0.0 bet-booom.ru
0.0.0.0 bfmio.com
0.0.0.0 bluekai.com
0.0.0.0 bundlessafevault.com
0.0.0.0 butcaketforthen.com
0.0.0.0 buzzrin.de
0.0.0.0 bywinners.men
0.0.0.0 carettuz.info
0.0.0.0 cdndepot.com
0.0.0.0 cd-sec.com

There are 428 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-12593064-3215679268-4102683779-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "hpqSRMon"
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C0B17C0E-F2DD-4F08-97E3-22549CC7C7DB}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{1CEC4F31-904F-41EC-AA8C-6A6BFBF2A7AD}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{0ACDC7B5-A737-4EC8-B108-F0FF043BCAB4}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{5704F91D-79CD-4EDA-A3FA-1A5306EBF6AE}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{D1EAEC0C-1217-4CE9-9DD1-9265AB443FE5}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FC09131E-24E0-4EBF-89BA-26BCECAC8E02}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{50BF1C79-6A7B-4709-85F6-1D468FC0BB72}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{B35A38C2-D930-469C-94DB-3BF50870E336}C:\program files\wondershare\allmytube\urlreqservice.exe] => (Allow) C:\program files\wondershare\allmytube\urlreqservice.exe
FirewallRules: [TCP Query User{56170FCE-47B0-4A5F-8B6A-C066CDE5FB43}C:\program files\wondershare\allmytube\urlreqservice.exe] => (Allow) C:\program files\wondershare\allmytube\urlreqservice.exe
FirewallRules: [UDP Query User{FA46D993-6F5E-41C2-B08B-47D9018C7035}C:\program files\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files\wondershare\allmytube\allmytube.exe
FirewallRules: [TCP Query User{9FCD3FF4-847A-4B7F-AEC5-10E735E2E5EB}C:\program files\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files\wondershare\allmytube\allmytube.exe
FirewallRules: [{EA516AF5-B076-4FE5-AA07-7CD0AB848B63}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CA4629CB-53FC-4CBD-B67A-264991BB52FE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D29761B9-3D5D-4CF9-BF68-6CA76EB8FE1B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{104B18CA-0E3A-4E7B-81A3-BB3C6E5BC909}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{C63C3BBD-04C8-403D-9A92-FC329EDE85FE}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe
FirewallRules: [TCP Query User{CFC563F2-998E-4C9B-AFF5-1CA3A84F1492}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe
FirewallRules: [UDP Query User{93A81BE8-DA80-4955-95F4-31703EAEB434}E:\firefox_download\hercules_3-2-8 (1).exe] => (Allow) E:\firefox_download\hercules_3-2-8 (1).exe
FirewallRules: [TCP Query User{DE553B26-4B1D-4D6E-9B0D-B4353E6ECD1C}E:\firefox_download\hercules_3-2-8 (1).exe] => (Allow) E:\firefox_download\hercules_3-2-8 (1).exe
FirewallRules: [UDP Query User{574A8A6A-828D-42AF-9FCB-619E26286738}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{6631441F-40B5-4592-82EC-FB095B39603C}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B50F8857-C0F7-4F55-BDDA-2256F9468E75}E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe] => (Allow) E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe
FirewallRules: [TCP Query User{30B75DBF-B2E4-41A0-A149-9ED78F0BF880}E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe] => (Allow) E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe
FirewallRules: [UDP Query User{6CD3F2C0-FB8F-4108-98C9-9F6A8C42524A}E:\firefox_download\hercules_3-2-8.exe] => (Block) E:\firefox_download\hercules_3-2-8.exe
FirewallRules: [TCP Query User{45A03F6C-0159-48A1-8C55-6A4C988AF708}E:\firefox_download\hercules_3-2-8.exe] => (Block) E:\firefox_download\hercules_3-2-8.exe
FirewallRules: [{AC39A7C0-03AB-4D41-87A7-F0C66E28842D}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7B5C4AEB-5A2E-47FC-A606-5FAD2BE07099}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7FF24114-4B12-4443-A1EF-84AA7972D766}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04857B8C-7B61-4D14-A83E-29F2D47545F0}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6AAA6A6-0899-4879-8B07-A034A7E08003}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC86D61B-2D91-42F9-812D-F2A6BF4FD20E}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{665616AD-EE67-45BA-A50E-76C72482848A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{26F66C5C-025F-436E-A6CA-9FA11A119BA6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A5BCA049-A930-4AA3-AB78-860A6CD816F5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{9AC2C5A9-A43B-4936-871E-7205891AC73E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{0F6B23ED-DD69-4BD2-B798-C2AC915D9F81}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{DB6C84D1-E280-44D6-B5EB-A4C289F745C5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F14EAAD7-74A7-4270-8108-EF0DA9ECA38D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{EC666B98-2AC0-4C64-94C3-8822331D3312}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{1AFDACC7-C551-48F2-ACE3-5BBFCB83A6FE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{71FCE5C9-BC2A-40BB-993E-75B40E10A4D4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B5DA9F6D-F106-49D8-9105-0719D35C5C3B}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{B0418EF6-5D7E-4EE1-A74E-3007D54071F6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{96F399B1-234B-458C-B396-E8226AC35EA3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{A41C4385-52AE-4E69-8DB2-3E183A99B8CC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{14EB3850-7FA8-48F0-94FE-08D33002756C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F815B4E2-E783-4E8F-A20D-3E425811DCF9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B8722279-36B6-4EA5-B2EB-BF6E621CAB86}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{66FB0280-C1B6-40DD-9361-5420370AAB7C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{985DB399-2B0B-4DEE-A627-6C8C6A4F8603}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7357C71B-FC2B-451D-837F-7CB45C419FAA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{B13D1BB2-DA4D-4855-87D1-70FB1F4A93B3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4C77CC34-9FF1-4DA8-A6C7-D4A5651559FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2944999D-2CCF-4AED-8D01-39E7B213D85F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{9B5D2A5B-5B3F-4723-88F2-739CCE73857A}] => (Allow) LPort=1900
FirewallRules: [{DF96E242-4560-4672-A699-AE9437BBE765}] => (Allow) LPort=2869
FirewallRules: [{E9EF5156-8814-4C56-8AFE-CEBFD1330AC5}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{37B82F63-E1C3-4636-BCB9-1CA274A53BA7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA9}}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777934}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA8}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe
FirewallRules: [{42937002-799B-470C-8F75-6E0B470F2EA1}] => (Allow) C:\Program Files\UnHackMe\RegRunInfo.exe
FirewallRules: [{30B24B4F-EE43-4DE5-BE5F-4410ECCC1876}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{E84C78E9-BAFF-45AC-BC88-456CADEBF9EA}] => (Allow) C:\Program Files\UnHackMe\RegRunInfo.exe
FirewallRules: [{EECAA9A9-CBA0-4759-804A-3B34C81B71D5}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{884C253B-12F8-472C-A186-76D43732F40B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/10/2018 04:01:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4960,R,0) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Luk\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (03/10/2018 04:01:10 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4960,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\Luk\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/09/2018 10:33:18 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (03/09/2018 10:32:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/09/2018 10:31:42 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {b1a94828-c61c-40b8-81b7-28a76a164e68}

Error: (03/09/2018 10:30:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.16299.248, časové razítko: 0x30443efd
Název chybujícího modulu: DesktopDock.dll, verze: 3.0.3.0, časové razítko: 0x57dc460e
Kód výjimky: 0xc0000005
Posun chyby: 0x00006d36
ID chybujícího procesu: 0x17a8
Čas spuštění chybující aplikace: 0x01d3b773cc53fe67
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: c:\program files\stardock\fences\DesktopDock.dll
ID zprávy: 3afca63b-828a-44a2-a173-18697e3e623a
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (03/08/2018 08:22:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SppConsole.exe verze 4.1.0.4 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 26c4

Čas spuštění: 01d3b711e3f47557

Čas ukončení: 185

Cesta k aplikaci: C:\Program Files\SmartPropoPlus\SppConsole.exe

ID hlášení: 6f4ee100-20dc-4a62-bc99-143b26ee7a59

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:

Error: (03/08/2018 06:10:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SppConsole.exe verze 4.1.0.4 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: 1e14

Čas spuštění: 01d3b6ff334501e7

Čas ukončení: 150

Cesta k aplikaci: C:\Program Files\SmartPropoPlus\SppConsole.exe

ID hlášení: bf6d6716-328f-4bf1-8edb-ab148c981fa0

Úplný název balíčku s chybou: 

ID aplikace související s balíčkem s chybou:


System errors:
=============
Error: (03/10/2018 08:32:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:32:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:32:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:32:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:27:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:27:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:27:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/10/2018 08:27:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2018-03-10 12:28:57.145
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1A78AEAA-9E88-4052-88A5-79A7BB2AF0AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-03-10 02:53:17.818
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Agent&threatid=2147488393&enterprise=0
Název: TrojanDropper:Win32/Agent
ID: 2147488393
Závažnost: Vážné
Kategorie: Trojský program rozesílající soubory
Cesta: file:_C:\ProgramData\Malwarebytes\MBAMService\cc813348-2405-11e8-b6e1-00173158a335
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-10 02:53:16.617
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Harnig.gen!G&threatid=91895&enterprise=0
Název: TrojanDownloader:Win32/Harnig.gen!G
ID: 91895
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\ProgramData\Malwarebytes\MBAMService\cb89e930-2405-11e8-90db-00173158a335->(UPX)
Původ zjišťování: Místní počítač
Typ zjišťování: Obecný
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-09 20:58:45.933
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Neobar&threatid=225451&enterprise=0
Název: BrowserModifier:Win32/Neobar
ID: 225451
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_E:\ZALOHA PC Disk C\Users\UpdatusUser\Application Data\Opera Software\Opera Stable\Extensions\mlepmakjdoedngidjlanekmdkllganmg\1.0.0.72_0\files\popup.js
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-09 20:46:16.465
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Neobar&threatid=225451&enterprise=0
Název: BrowserModifier:Win32/Neobar
ID: 225451
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_E:\ZALOHA PC Disk C\Users\UpdatusUser\Application Data\Opera Software\Opera Stable\Extensions\mlepmakjdoedngidjlanekmdkllganmg\1.0.0.72_0\files\popup.js
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

CodeIntegrity:
===================================

Date: 2018-03-10 16:40:42.436
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 16:37:26.826
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 16:37:24.935
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 16:36:58.588
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 16:36:57.914
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 16:36:44.142
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 16:36:43.741
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-10 11:42:34.525
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 3063.18 MB
Available physical RAM: 1633.91 MB
Total Virtual: 4023.18 MB
Available Virtual: 2498.33 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:74.08 GB) (Free:11.39 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:638.72 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:74.53 GB) (Free:13.6 GB) NTFS

\\?\Volume{15e2610d-0000-0000-0000-308512000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 197CA533)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 15E2610D)
Partition 1: (Active) - (Size=74.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 57B3BD87)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================