Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11.03.2018 01
Ran by Administrator (12-03-2018 14:54:36)
Running from C:\Users\Administrator\Desktop
Microsoft Windows 10 Pro Version 1709 16299.251 (X86) (2018-03-04 18:52:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-12593064-3215679268-4102683779-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-12593064-3215679268-4102683779-503 - Limited - Disabled)
Guest (S-1-5-21-12593064-3215679268-4102683779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-12593064-3215679268-4102683779-1002 - Limited - Enabled)
Luk (S-1-5-21-12593064-3215679268-4102683779-1000 - Limited - Enabled) => C:\Users\Luk
WDAGUtilityAccount (S-1-5-21-12593064-3215679268-4102683779-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1310 (HKLM\...\{09F25F86-F957-4051-8AB2-0E0D948BBB5D}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{0B7A4B67-2A38-42B1-9857-662FAB361E08}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{FDF9A959-241A-4662-A8DE-7DED9C22D160}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}) (Version:  - Microsoft) Hidden
32 Bit HP CIO Components Installer (HKLM\...\{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}) (Version: 6.1.1 - Hewlett-Packard) Hidden
3D Home Architect Design Suite Deluxe 8 (HKLM\...\{83EC8AE9-53A6-474D-95AF-8F5116CC9C4E}) (Version: 8.0 - Encore) Hidden
7-Zip 16.04 (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AAC ACM Codec 1.9 (HKLM\...\AACACM) (Version: 1.9 - fccHandler)
Actual Bookmarks (HKLM\...\{933777E4-493D-4BCB-AE30-83AEAB0B40B9}) (Version: 1.5.0.0 - Andrei Barazdzin)
Adobe Acrobat  9 Standard - Czech, Hungarian, Polish, Slovak (HKLM\...\{AC76BA86-1029-4770-BA7E-000000000004}{AC76BA86-1029-4770-BA7E-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Flash Player 28 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version:  - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version:  - Microsoft)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM\...\Arduino) (Version: 1.8.3 - Arduino LLC)
AutoCAD 2004 (HKLM\...\{5783F2D7-0201-0405-0002-0060B0CE6BBA}) (Version: 16.0.0.086 - Autodesk)
Autodesk Express Viewer (HKLM\...\Autodesk Express Viewer) (Version: 3.1 - Autodesk, Inc.)
Avidemux 2.7 - 32 bits (32-bit) (HKLM\...\Avidemux 2.7 - 32 bits) (Version: 2.7.0.170814 - )
AVS Video Converter 9.2.1 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: 9.2.1.579 - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports  (09/27/2017 6.7.5.1893) (HKLM\...\3C57DA61F41601ACF85CC77F740AA00672E0BCD7) (Version: 09/27/2017 6.7.5.1893 - Silicon Laboratories Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.72.1082 - AB Team, d.o.o.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.40 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6623 - CDBurnerXP)
CDex - Digital Audio CD Extractor and Converter (HKLM\...\CDex) (Version: 1.82.0.2016 - CDex.mu)
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CorelDRAW Graphics Suite 12 (HKLM\...\{505AFDC0-5E72-4928-8368-5DEA385E3647}) (Version: 12.0.0.536 - Corel Corporation)
Cumulus 1.9.4 (HKLM\...\Cumulus_is1) (Version:  - Sandaysoft)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DraftSight 2016 SP0 (HKLM\...\{F9037E40-DBCF-4050-B9F7-75C5BE2037A3}) (Version: 16.0.4061 - Dassault Systemes)
Dropbox (HKLM\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Exterminate It! (HKLM\...\Exterminate It!) (Version: 2.12.06.06 - CURIOLAB S.M.B.A.)
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Flash Loader Demonstrator V2.4.0 (HKLM\...\{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics) Hidden
Flash Loader Demonstrator V2.4.0 (HKLM\...\InstallShield_{232BE5F9-6BFA-4915-AB15-A872B64FD507}) (Version: 2.4.0 - STMicroelectronics)
Fotogalerie (HKLM\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 8.1.4.1208 - Foxit Software Inc.)
GIMP 2.6.8 (HKLM\...\WinGimp-2.0_is1) (Version:  - )
Google Earth Pro (HKLM\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Chrome (HKLM\...\Google Chrome) (Version: 65.0.3325.146 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.2.8.25 - HP)
HP Support Solutions Framework (HKLM\...\{3D6FF65E-EE93-4D90-B5D7-0DC856E2AFEB}) (Version: 12.4.18.7 - HP)
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HWiNFO32 Version 5.30 (HKLM\...\HWiNFO32_is1) (Version: 5.30 - Martin Malík - REALiX)
ImageToAVI 1.2.0.1 (HKLM\...\ImageToAVI Demo_is1) (Version:  - ASW Software)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Kalkules 1.9.4.23 (HKLM\...\{6541EA45-0665-4485-ABAA-417BC83AC92F}_is1) (Version:  - Jardo)
KeePass Password Safe 2.34 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
K-Lite Mega Codec Pack 12.3.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.3.5 - KLCP)
LazyCam 3.00.2 (HKLM\...\LazyCam 3.00.2) (Version: 3.00.2 - ArtSoft Inc.)
Lenovo Phone Manager (HKLM\...\{60ED0039-C432-442B-9135-84C2D7AA2C48}) (Version: 1.4.1.14207 - Lenovo)
Lenovo_TAB_S850_V1.0.1 (HKLM\...\{D39B550E-FDD8-404D-8960-72D0894014E4}) (Version: 1.00.0000 - Unknown)
LenovoUsbDriver 1.1.23 (HKLM\...\LenovoUsbDriver) (Version: 1.1.23 - Lenovo)
Logic (HKLM\...\{65E91631-B0E2-4527-B910-60721D6D6AB0}) (Version: 1.2.11 - Saleae Inc)
Malwarebytes verze 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-12593064-3215679268-4102683779-500\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Network (HKLM\...\{75247E38-5C9B-45D6-ADF8-E11CB56B4990}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
One Click Root (HKLM\...\{6EAD0BE5-D1CF-4BE8-A66F-53FE9B8D89CC}) (Version: 1.0.0.5 - One Click Root)
PICAXE Editor (HKLM\...\{FB132572-1F29-409D-A626-CC88E56CF7C4}) (Version: 6.08.0011 - Revolution Education Ltd)
Pinnacle VideoSpin (HKLM\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
Pomocník při upgradu na Windows 10 (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17323 - Microsoft Corporation)
PowerISO (HKLM\...\PowerISO) (Version: 7.0 - Power Software Ltd)
PuTTY (HKLM\...\{ED9EF59B-0799-428E-823D-6D2B7B4FE2E0}) (Version: 0.67.0.0 - Simon Tatham)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Realterm 2.0.0.70_SignedWrapper (HKLM\...\Realterm) (Version: 2.0.0.70_SignedWrapper - Broadcast Equipment)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
SafeCast Shared Components (HKLM\...\CdaC13Ba) (Version:  - Macrovision)
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SketchUp 2016 (HKLM\...\{06584914-3DC6-4C37-AB84-30342BB5D93D}) (Version: 16.0.19911 - Trimble Navigation Limited)
SketchUp 8 (HKLM\...\{8EB62C87-AAA6-4850-A5BC-64155884B973}) (Version: 3.0.16846 - Trimble Navigation Limited)
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpyRemover Pro (HKLM\...\{7B731710-F63B-407E-B650-F5093EF878AF}) (Version: 1.0.0.11 - Support King LLC) Hidden
Stardock Fences 3 (HKLM\...\Stardock Fences 3) (Version: 3.03 - Stardock Software, Inc.)
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
TeamViewer 12 (HKLM\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TechPowerUp GPU-Z (HKLM\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Termite (HKLM\...\Termite) (Version:  - CompuPhase)
Těžiště 1.0 (HKLM\...\Těžiště_is1) (Version:  - Pavel König)
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Traccar version 3.8 (HKLM\...\Traccar_is1) (Version: 3.8 - )
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnHackMe 9.60 (HKLM\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
UpdateAssistant (HKLM\...\{39AC698E-D924-480D-AA20-07EA3072D04B}) (Version: 1.12.0.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VirtualDJ 8 (HKLM\...\{9FB0C789-72AB-4AE2-B04C-34ED8B94AC4B}) (Version: 8.2.3523.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM\...\{3CC29C1A-B5FE-457B-8F22-32A3667A92C7}}_is1) (Version:  - windows-movie-maker.org)
Windows Setup Remediations (x86) (KB4023057) (HKLM\...\{49cd2afd-8679-48a5-90ab-e7044bee2465}.sdb) (Version:  - )
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wondershare AllMyTube(Build 4.2.2.0) (HKLM\...\Wondershare AllMyTube_is1) (Version: 4.2.2.0 - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2003-02-14] (Autodesk)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers1: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files\Common Files\AVSMedia\ActiveX\AVSShellConverter.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers4: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files\Dropbox\Client\DropboxExt.19.0.dll [2018-02-26] (Dropbox, Inc.)
ContextMenuHandlers5: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll [2008-06-11] (Adobe Systems Inc.)
ContextMenuHandlers6: [FencesShellExt] -> {1984DD45-52CF-49cd-AB77-18F378FEA264} => C:\Program Files\Stardock\Fences\FencesMenu.dll [2016-09-16] (Stardock)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x86.dll [2016-11-14] (Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2018-02-11] (Power Software Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {051D4010-5285-4316-BE84-45527A7DA287} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {05CC6A78-3E10-49F8-BEB7-47E3105B4F28} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06800DE2-357F-4487-A529-D5FE43BA0CCC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {0951B2BF-10E4-43FF-B9E9-5CA73B601274} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {09579780-934A-4E01-BF2C-C4147F69A658} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B81ECF9-A72D-4ACD-AEB9-48489FD5892C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {105F35F4-7620-45AB-B9F0-DD1EF07DB77B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1D5452EC-F008-4E83-9BC6-F32D6DFBB7EC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {21CAE2A9-89B1-48A5-99F9-8AF9729D242F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2296497C-B3A0-4D51-B1D9-34A1FC165CD0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {29614B54-BA7C-44E3-839E-363451310FC1} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files\UnHackMe\hackmon.exe [2018-01-31] (Greatis Software)
Task: {2981B925-27ED-493E-8CFB-01BB91DFCFBD} - System32\Tasks\{2E900542-8D63-4AC1-AC56-056765B282D6} => C:\Program Files\AutoCAD 2004\acad.exe [2003-02-14] (Autodesk, Inc.)
Task: {3BF7C3DA-2009-42EB-8D48-FB888B8269E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {3EF2034A-E916-499F-9220-0B7E026E4CE1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {3F9E72E3-078C-4EF3-9318-A8697EC20871} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {51B40C19-56C4-49A3-9D64-9F5498D88CD6} - System32\Tasks\{86836F5D-54C8-431A-A371-5631424B1EA5} => C:\WINDOWS\system32\pcalua.exe -a "C:\ProgramData\FFinder LTD\products\FileFinder\uninstall\uninstall.exe"
Task: {524285E2-84B2-443F-BA55-957EA094D164} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-07] (Adobe Systems Incorporated)
Task: {56A475C5-D50A-4545-A284-3DB2C18931D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {5C27D159-60D6-42A3-8269-EBAA13F0A9B8} - System32\Tasks\{622EFEF5-81FD-49B3-B94D-58E18C28E4D7} => C:\WINDOWS\system32\pcalua.exe -a C:\PROGRA~1\DIFX\277D1C50D2B49142\CP210xVCPInstaller_x86.exe -c /u C:\WINDOWS\System32\DriverStore\FileRepository\slabvcp.inf_x86_ab8310f5de07b344\slabvcp.inf
Task: {651E0331-278E-493C-808C-DDDC6D0DB5A4} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {6FF8B7D3-E26D-4CF3-AE81-25D93A2091E5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-02-07] (Piriform Ltd)
Task: {71B63F72-7E73-4DAF-9752-2EED2AB08F81} - System32\Tasks\{45ACBF88-62FA-4C44-B0B3-8D5497CA6293} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Luk\AppData\Roaming\baidu\BaiduNetdisk\uninst.exe
Task: {71DF8C6C-0517-4577-99F6-DECB7F1A2750} - System32\Tasks\{50EA218A-DC30-4917-B932-C701F4569701} => C:\WINDOWS\system32\pcalua.exe -a E:\Firefox_download\CDM_v2.12.00_WHQL_Certified.exe -d E:\Firefox_download
Task: {72A036E1-EAF7-4DD0-BC87-2BECAE3A3A97} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {75013055-9361-45B2-B084-782BF0CB73C9} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7F935237-4AC4-450E-B1CA-71CF1F76DE4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {806DF997-4FB4-44DD-B315-CDFF92C18ADC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {81CBA33B-35F6-49E2-BC81-DFA7B43BE451} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {85F3F498-4653-472E-BB62-FE39983BDBEB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {871744E9-7FAA-479A-9D45-45A17276E22D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {8B495CDD-29ED-4091-97B5-898AB18385F2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {915CC9B2-243A-4284-8D1B-7DE1AE00C9CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-02-07] (Piriform Ltd)
Task: {9888C281-0A63-4EA2-9BD7-C3BF12BFEC9C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9C64ABA5-B560-4FF7-AC06-10C0F5681036} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {9F31368C-C857-45B6-9150-2BAB7056BD87} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {A57B3676-A079-4B7C-A865-43946AEBC47E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-04-25] (Dropbox, Inc.)
Task: {A8519433-ADAC-4F85-8731-46C2A7277042} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-23] (Google Inc.)
Task: {B05EAF45-8363-4630-8FBF-58B3B9EA7E7A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B21AF315-EA88-47FF-A010-B7682CEB412A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CB554AAC-461C-4C28-91EB-8F0D674162CB} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {CC709FBF-8F6D-4F58-8E30-52561087C086} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D416744F-8804-470B-B6A1-8AEC2622191C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E27208FB-DC2C-44BB-ABD4-EB590F77719C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {EA1380B7-CEA3-45F1-ACAD-92BC6E85C449} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F23E0BAB-A3F4-4797-ADF3-A517D1E7717C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-07] (Microsoft Corporation)
Task: {FF00CDDA-7581-4B34-AE24-06D89CC7BDE2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Baseflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=mppkgnedeapfejgfimkdoninnofofigk
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Betaflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=kdaghagfopacdngbohiknlhcocjccjao
ShortcutWithArgument: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Cleanflight - Configurator.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=enacoimjcgeinfnnnpajinjgmkahmfgb

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 12:49 - 2017-09-29 12:49 - 000149840 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-02-28 10:35 - 2017-02-28 10:35 - 000033744 _____ () C:\Program Files\Support King LLC\SpyRemover Pro\Service\SpyRemoverService.exe
2018-03-09 11:45 - 2018-02-05 14:44 - 001935136 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-03-09 11:45 - 2018-03-01 10:31 - 001908512 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-27 21:05 - 2017-03-27 21:05 - 000081408 _____ () C:\WINDOWS\Wontrust.dll
2018-03-07 15:50 - 2018-02-22 01:12 - 007817728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-07 15:49 - 2018-02-22 01:09 - 001518592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000746312 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 002079048 _____ () C:\Program Files\Dropbox\Client\dropbox_crashpad.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000100312 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000018896 _____ () C:\Program Files\Dropbox\Client\select.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000020808 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000035808 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000694232 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000130520 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001856864 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000145880 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000116696 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 000105944 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022872 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000063312 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024536 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000077120 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000020952 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000124888 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000116184 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000392664 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000392520 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000175576 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000030168 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000043480 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000026072 _____ () C:\Program Files\Dropbox\Client\win32job.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000048600 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000057816 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021840 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000023376 _____ () C:\Program Files\Dropbox\Client\winshell.compiled._winshell.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022864 _____ () C:\Program Files\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000066400 _____ () C:\Program Files\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001798464 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000084944 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 001959232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 003863880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000155472 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000521544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000051024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000043336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000131400 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000219984 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000204104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000025440 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000060888 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000054616 _____ () C:\Program Files\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022880 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000087904 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000028632 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000022368 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000027496 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000349144 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000101704 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-02-28 19:50 - 2018-02-26 12:27 - 000023904 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000025432 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000036312 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000032608 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2018-02-28 19:50 - 2018-02-26 12:24 - 000293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000021856 _____ () C:\Program Files\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000181064 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-02-28 19:50 - 2018-02-26 12:26 - 000030544 _____ () C:\Program Files\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-02-28 19:50 - 2018-02-26 12:26 - 000024384 _____ () C:\Program Files\Dropbox\Client\libEGL.DLL
2018-02-28 19:50 - 2018-02-26 12:26 - 001638208 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2018-02-28 19:50 - 2018-02-26 12:24 - 014419416 _____ () C:\Program Files\Dropbox\Client\opengl32sw.dll
2018-02-28 19:50 - 2018-02-26 12:26 - 000026464 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-02-04 12:00 - 2013-07-24 09:24 - 000137728 _____ () C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-12-18 19:20 - 2018-03-12 13:11 - 000011284 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost
0.0.0.0 0x1f4b0.com
0.0.0.0 1q2w3.fun
0.0.0.0 1q2w3.website
0.0.0.0 2giga.link
0.0.0.0 8jd2lfsq.me
0.0.0.0 adless.io
0.0.0.0 ad-miner.com
0.0.0.0 adrenali.gq
0.0.0.0 afflow.18-plus.net
0.0.0.0 afminer.com
0.0.0.0 ajplugins.com
0.0.0.0 akvideo.stream
0.0.0.0 altavista.ovh
0.0.0.0 analytics.blue
0.0.0.0 andlache.com
0.0.0.0 anime.reactor.cc
0.0.0.0 a-o.ninja
0.0.0.0 api.inwemo.com
0.0.0.0 aservices.party
0.0.0.0 audioknigi.club
0.0.0.0 auroramine.com
0.0.0.0 authedmine.com
0.0.0.0 azvjudwr.info
0.0.0.0 bablace.com
0.0.0.0 baiduccdn1.com
0.0.0.0 becanium.com
0.0.0.0 befirstcdn.com
0.0.0.0 berateveng.ru
0.0.0.0 bestmobiworld.com

There are 434 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-12593064-3215679268-4102683779-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "hpqSRMon"
HKLM\...\StartupApproved\Run: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run: => "seznam-listicka-distribuce"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C0B17C0E-F2DD-4F08-97E3-22549CC7C7DB}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{1CEC4F31-904F-41EC-AA8C-6A6BFBF2A7AD}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{0ACDC7B5-A737-4EC8-B108-F0FF043BCAB4}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\VideoSpin.exe
FirewallRules: [{5704F91D-79CD-4EDA-A3FA-1A5306EBF6AE}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{D1EAEC0C-1217-4CE9-9DD1-9265AB443FE5}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\umi.exe
FirewallRules: [{FC09131E-24E0-4EBF-89BA-26BCECAC8E02}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [{50BF1C79-6A7B-4709-85F6-1D468FC0BB72}] => (Allow) C:\Program Files\Pinnacle\VideoSpin\Programs\RM.exe
FirewallRules: [UDP Query User{B35A38C2-D930-469C-94DB-3BF50870E336}C:\program files\wondershare\allmytube\urlreqservice.exe] => (Allow) C:\program files\wondershare\allmytube\urlreqservice.exe
FirewallRules: [TCP Query User{56170FCE-47B0-4A5F-8B6A-C066CDE5FB43}C:\program files\wondershare\allmytube\urlreqservice.exe] => (Allow) C:\program files\wondershare\allmytube\urlreqservice.exe
FirewallRules: [UDP Query User{FA46D993-6F5E-41C2-B08B-47D9018C7035}C:\program files\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files\wondershare\allmytube\allmytube.exe
FirewallRules: [TCP Query User{9FCD3FF4-847A-4B7F-AEC5-10E735E2E5EB}C:\program files\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files\wondershare\allmytube\allmytube.exe
FirewallRules: [{EA516AF5-B076-4FE5-AA07-7CD0AB848B63}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CA4629CB-53FC-4CBD-B67A-264991BB52FE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D29761B9-3D5D-4CF9-BF68-6CA76EB8FE1B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{104B18CA-0E3A-4E7B-81A3-BB3C6E5BC909}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{C63C3BBD-04C8-403D-9A92-FC329EDE85FE}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe
FirewallRules: [TCP Query User{CFC563F2-998E-4C9B-AFF5-1CA3A84F1492}C:\program files\magicplus\magicplus.exe] => (Allow) C:\program files\magicplus\magicplus.exe
FirewallRules: [UDP Query User{93A81BE8-DA80-4955-95F4-31703EAEB434}E:\firefox_download\hercules_3-2-8 (1).exe] => (Allow) E:\firefox_download\hercules_3-2-8 (1).exe
FirewallRules: [TCP Query User{DE553B26-4B1D-4D6E-9B0D-B4353E6ECD1C}E:\firefox_download\hercules_3-2-8 (1).exe] => (Allow) E:\firefox_download\hercules_3-2-8 (1).exe
FirewallRules: [UDP Query User{574A8A6A-828D-42AF-9FCB-619E26286738}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [TCP Query User{6631441F-40B5-4592-82EC-FB095B39603C}C:\program files\arduino\java\bin\javaw.exe] => (Allow) C:\program files\arduino\java\bin\javaw.exe
FirewallRules: [UDP Query User{B50F8857-C0F7-4F55-BDDA-2256F9468E75}E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe] => (Allow) E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe
FirewallRules: [TCP Query User{30B75DBF-B2E4-41A0-A149-9ED78F0BF880}E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe] => (Allow) E:\zaloha pc disk c\program files\arduino-1.0.6\java\bin\javaw.exe
FirewallRules: [UDP Query User{6CD3F2C0-FB8F-4108-98C9-9F6A8C42524A}E:\firefox_download\hercules_3-2-8.exe] => (Block) E:\firefox_download\hercules_3-2-8.exe
FirewallRules: [TCP Query User{45A03F6C-0159-48A1-8C55-6A4C988AF708}E:\firefox_download\hercules_3-2-8.exe] => (Block) E:\firefox_download\hercules_3-2-8.exe
FirewallRules: [{AC39A7C0-03AB-4D41-87A7-F0C66E28842D}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7B5C4AEB-5A2E-47FC-A606-5FAD2BE07099}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7FF24114-4B12-4443-A1EF-84AA7972D766}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04857B8C-7B61-4D14-A83E-29F2D47545F0}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D6AAA6A6-0899-4879-8B07-A034A7E08003}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC86D61B-2D91-42F9-812D-F2A6BF4FD20E}] => (Allow) C:\Users\Luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{665616AD-EE67-45BA-A50E-76C72482848A}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{26F66C5C-025F-436E-A6CA-9FA11A119BA6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A5BCA049-A930-4AA3-AB78-860A6CD816F5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{9AC2C5A9-A43B-4936-871E-7205891AC73E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{0F6B23ED-DD69-4BD2-B798-C2AC915D9F81}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{DB6C84D1-E280-44D6-B5EB-A4C289F745C5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{F14EAAD7-74A7-4270-8108-EF0DA9ECA38D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{EC666B98-2AC0-4C64-94C3-8822331D3312}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{1AFDACC7-C551-48F2-ACE3-5BBFCB83A6FE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{71FCE5C9-BC2A-40BB-993E-75B40E10A4D4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{B5DA9F6D-F106-49D8-9105-0719D35C5C3B}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{B0418EF6-5D7E-4EE1-A74E-3007D54071F6}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{96F399B1-234B-458C-B396-E8226AC35EA3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{A41C4385-52AE-4E69-8DB2-3E183A99B8CC}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{14EB3850-7FA8-48F0-94FE-08D33002756C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{F815B4E2-E783-4E8F-A20D-3E425811DCF9}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B8722279-36B6-4EA5-B2EB-BF6E621CAB86}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{66FB0280-C1B6-40DD-9361-5420370AAB7C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{985DB399-2B0B-4DEE-A627-6C8C6A4F8603}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{7357C71B-FC2B-451D-837F-7CB45C419FAA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{B13D1BB2-DA4D-4855-87D1-70FB1F4A93B3}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{4C77CC34-9FF1-4DA8-A6C7-D4A5651559FA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2944999D-2CCF-4AED-8D01-39E7B213D85F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{9B5D2A5B-5B3F-4723-88F2-739CCE73857A}] => (Allow) LPort=1900
FirewallRules: [{DF96E242-4560-4672-A699-AE9437BBE765}] => (Allow) LPort=2869
FirewallRules: [{E9EF5156-8814-4C56-8AFE-CEBFD1330AC5}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{37B82F63-E1C3-4636-BCB9-1CA274A53BA7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777935}}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA9}}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{85B34758-97A3-4a63-832A-9825D8777934}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe
FirewallRules: [{9187CF69-6824-487d-A9F0-AFF5C2C29BA8}}] => (Allow) C:\Program Files\UnHackMe\regruninfo.exe
FirewallRules: [{42937002-799B-470C-8F75-6E0B470F2EA1}] => (Allow) C:\Program Files\UnHackMe\RegRunInfo.exe
FirewallRules: [{30B24B4F-EE43-4DE5-BE5F-4410ECCC1876}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{E84C78E9-BAFF-45AC-BC88-456CADEBF9EA}] => (Allow) C:\Program Files\UnHackMe\RegRunInfo.exe
FirewallRules: [{EECAA9A9-CBA0-4759-804A-3B34C81B71D5}] => (Allow) C:\Program Files\UnHackMe\wu.exe
FirewallRules: [{884C253B-12F8-472C-A186-76D43732F40B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

11-03-2018 09:48:57 Installed One Click Root

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/11/2018 05:34:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MicrosoftEdgeCP.exe, verze: 11.0.16299.251, časové razítko: 0x5a8e09f3
Název chybujícího modulu: edgehtml.dll, verze: 11.0.16299.248, časové razítko: 0x2bf883f5
Kód výjimky: 0xc0000005
Posun chyby: 0x0055910b
ID chybujícího procesu: 0x207c
Čas spuštění chybující aplikace: 0x01d3b956bb60f7ab
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\edgehtml.dll
ID zprávy: 176c4bca-2841-4ab1-b3e7-e9d22e171722
Úplný název chybujícího balíčku: Microsoft.MicrosoftEdge_41.16299.248.0_neutral__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: ContentProcess

Error: (03/11/2018 09:49:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/10/2018 04:01:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhostw (4960,R,0) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Luk\AppData\Local\Microsoft\Windows\WebCache\V01.log došlo k chybě -1032 (0xfffffbf8).

Error: (03/10/2018 04:01:10 PM) (Source: ESENT) (EventID: 490) (User: )
Description: taskhostw (4960,R,0) WebCacheLocal: Pokus o otevření souboru C:\Users\Luk\AppData\Local\Microsoft\Windows\WebCache\V01.log pro čtení nebo zápis selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/09/2018 10:33:18 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.


Operace:
   Spouštění asynchronní operace

Kontext:
   Aktuální stav: DoSnapshotSet

Error: (03/09/2018 10:32:07 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (03/09/2018 10:31:42 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
   Shromažďování dat modulu pro zápis

Kontext:
   ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
   Název modulu pro zápis: System Writer
   ID instance modulu pro zápis: {b1a94828-c61c-40b8-81b7-28a76a164e68}

Error: (03/09/2018 10:30:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.16299.248, časové razítko: 0x30443efd
Název chybujícího modulu: DesktopDock.dll, verze: 3.0.3.0, časové razítko: 0x57dc460e
Kód výjimky: 0xc0000005
Posun chyby: 0x00006d36
ID chybujícího procesu: 0x17a8
Čas spuštění chybující aplikace: 0x01d3b773cc53fe67
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: c:\program files\stardock\fences\DesktopDock.dll
ID zprávy: 3afca63b-828a-44a2-a173-18697e3e623a
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/12/2018 01:10:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WarpJITSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/12/2018 01:06:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/12/2018 01:06:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/12/2018 01:06:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/12/2018 01:06:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/12/2018 01:05:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\WINDOWS\system32\athExt.dll
Kód chyby: 126

Error: (03/12/2018 01:05:27 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT AUTHORITY)
Description: Některé funkce řízení napájení při činnosti procesoru byly zakázány z důvodu potíží s firmwarem. Požádejte výrobce počítače o aktualizovaný firmware.

Error: (03/12/2018 01:04:18 PM) (Source: DCOM) (EventID: 10010) (User: LukKuk)
Description: Server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2018-03-10 12:28:57.145
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {1A78AEAA-9E88-4052-88A5-79A7BB2AF0AC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2018-03-10 02:53:17.818
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDropper:Win32/Agent&threatid=2147488393&enterprise=0
Název: TrojanDropper:Win32/Agent
ID: 2147488393
Závažnost: Vážné
Kategorie: Trojský program rozesílající soubory
Cesta: file:_C:\ProgramData\Malwarebytes\MBAMService\cc813348-2405-11e8-b6e1-00173158a335
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-10 02:53:16.617
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=TrojanDownloader:Win32/Harnig.gen!G&threatid=91895&enterprise=0
Název: TrojanDownloader:Win32/Harnig.gen!G
ID: 91895
Závažnost: Vážné
Kategorie: Trojský stahovací program
Cesta: file:_C:\ProgramData\Malwarebytes\MBAMService\cb89e930-2405-11e8-90db-00173158a335->(UPX)
Původ zjišťování: Místní počítač
Typ zjišťování: Obecný
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-09 20:58:45.933
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Neobar&threatid=225451&enterprise=0
Název: BrowserModifier:Win32/Neobar
ID: 225451
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_E:\ZALOHA PC Disk C\Users\UpdatusUser\Application Data\Opera Software\Opera Stable\Extensions\mlepmakjdoedngidjlanekmdkllganmg\1.0.0.72_0\files\popup.js
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-09 20:46:16.465
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=BrowserModifier:Win32/Neobar&threatid=225451&enterprise=0
Název: BrowserModifier:Win32/Neobar
ID: 225451
Závažnost: Vysoké
Kategorie: Program měnící nastavení prohlížeče
Cesta: file:_E:\ZALOHA PC Disk C\Users\UpdatusUser\Application Data\Opera Software\Opera Stable\Extensions\mlepmakjdoedngidjlanekmdkllganmg\1.0.0.72_0\files\popup.js
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
Verze podpisu: AV: 1.263.381.0, AS: 1.263.381.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

CodeIntegrity:
===================================

Date: 2018-03-12 13:10:15.513
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 13:10:08.040
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 13:10:02.464
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 13:09:55.166
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 13:09:54.156
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 12:54:32.560
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 12:54:31.600
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

Date: 2018-03-12 12:53:49.089
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) D CPU 3.40GHz
Percentage of memory in use: 46%
Total physical RAM: 3063.18 MB
Available physical RAM: 1637.24 MB
Total Virtual: 4023.18 MB
Available Virtual: 2361.84 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:74.08 GB) (Free:9.2 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:638.72 GB) NTFS
Drive f: (Nový svazek) (Fixed) (Total:74.53 GB) (Free:13.6 GB) NTFS
Drive h: (LEXAR) (Removable) (Total:7.3 GB) (Free:6.11 GB) FAT32

\\?\Volume{15e2610d-0000-0000-0000-308512000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 197CA533)
Partition 1: (Active) - (Size=74.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 74.5 GB) (Disk ID: 15E2610D)
Partition 1: (Active) - (Size=74.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 57B3BD87)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 7.3 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.3 GB) - (Type=0B)

==================== End of Addition.txt ============================