Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13.03.2018
Ran by vonos (13-03-2018 06:51:53)
Running from C:\Users\vonos\Downloads
Windows 10 Pro Version 1709 16299.251 (X64) (2018-01-17 18:47:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1190194901-555339887-805972429-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1190194901-555339887-805972429-503 - Limited - Disabled)
Guest (S-1-5-21-1190194901-555339887-805972429-501 - Limited - Disabled)
vonos (S-1-5-21-1190194901-555339887-805972429-1002 - Administrator - Enabled) => C:\Users\vonos
WDAGUtilityAccount (S-1-5-21-1190194901-555339887-805972429-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{5013D154-A876-4AE4-B4A6-43C3B39BF174}) (Version: 20.8.20117.44411 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{5013D154-A876-4AE4-B4A6-43C3B39BF174}) (Version: 20.8.20117.44411 - Alcor Micro Corp.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{1b3fcb8d-3d2b-4477-b722-0b3e2c1195ba}) (Version: 20.30.1 - Intel Corporation)
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
ASUS GIFTBOX (HKLM-x32\...\ASUS GIFTBOX) (Version: 7.5.24 - ASUSTek Computer Inc)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.22.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.8 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0048 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.64 - ICEpower a/s)
Balíček ovladače systému Windows - Apple Inc. (AppleUSBEthernet) Net  (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.)
Balíček ovladače systému Windows - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.78 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.18.224 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 22.0.19.242 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cloud Connect for Office 1.1.5.2 (HKLM-x32\...\Cloud Connect for Office) (Version: 1.1.5.2 - ASUS Cloud Corporation)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.64.53 - Conexant)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.5.6515 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4010.0 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.2.7 - ASUSTek COMPUTER INC.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.146 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{14C6B17A-F825-431E-9A36-8D89E65B24C8}) (Version: 65.0.3325.40 - Google Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4718 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1643.1 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1029-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
iTunes (HKLM\...\{30771861-1BBF-4BE2-8CD2-FB282C58C3ED}) (Version: 12.7.3.46 - Apple Inc.)
Malwarebytes verze 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1190194901-555339887-805972429-1002\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.5.1019.2015 - Realtek)
Remote Drive 3.0.0.6 (HKLM-x32\...\Remote Drive) (Version: 3.0.0.6 - ASUS Cloud Corporation)
Samsung CLX-3300 Series (HKLM-x32\...\Samsung CLX-3300 Series) (Version: 1.24 (15.06.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.60 (17.03.2015) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.81.00(25.05.2015) - Samsung Electronics Co., Ltd.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.12 (15.10.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.25 - Samsung Electronics Co., Ltd.) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4018290) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{845EC284-26A3-46CA-9140-FA924FC134E0}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018290) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{845EC284-26A3-46CA-9140-FA924FC134E0}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB4018290) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.PROPLUS_{845EC284-26A3-46CA-9140-FA924FC134E0}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.3.0.595 - ASUS Cloud Corporation)
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass  (07/01/2016 11.0.0.12) (HKLM\...\AE03E43494611410A2996E4747E2A8C0FE87F26D) (Version: 07/01/2016 11.0.0.12 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.2 - ASUSTeK COMPUTER INC.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{22A8C292-AD1F-3AF9-BEB4-58ACA32AC7D6}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{3C4B0482-3BE0-316D-BA2B-ED4531CE1F9E}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{3E326D7C-A0B4-41AB-8E23-644ED5861FC9}\InprocServer32 -> C:\Program Files (x86)\ASUS\Cloud Connect for Office\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{5877B61C-58F2-3656-AA44-857CE98E33B7}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{93A14F77-9B95-3C57-A260-976782241547}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{99EC8310-4CDC-32FD-9F5B-11449A6966D3}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1190194901-555339887-805972429-1002_Classes\CLSID\{BE98147C-6CA0-30D9-8A94-D2D87EEF0E33}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.3.0.595\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.3.0.595\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.3.0.595\ASUSWSShellExt64.dll [2017-04-21] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {59BEF479-99D5-4A54-ABE8-A86A59C95A54} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (/n software, Inc.)
ShellIconOverlayIdentifiers: [{BFD98515-CD74-48A4-98E2-13D209E3EE4F}] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => C:\WINDOWS\system32\mcicda64.dll [2018-03-10] ()
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {59BEF479-99D5-4A54-ABE8-A86A59C95A54} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-09-21] (/n software, Inc.)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\WINDOWS\system32\mscoree.dll [2017-09-29] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ef5ab69e3a8baed2\igfxDTCM.dll [2018-01-20] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-03] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0275EB81-58C3-413C-828F-20F68AA0FB03} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2016-08-24] (ASUSTek Computer Inc.)
Task: {1B851162-6BEC-49E9-A2EB-14026184C172} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {229BFBE2-5EEF-4227-AAC7-DFA727032558} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-06-21] (Bitdefender)
Task: {27D786A4-4471-44E5-A8B2-8FC7A063294B} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe [2017-07-03] (ASUSTek Computer Inc)
Task: {29B4D330-A3EC-4A56-A812-0CEE03C7CBEC} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {2DDFD234-F26E-4AB5-B91D-3CCB4742C0FF} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [2018-02-19] (Bitdefender)
Task: {4380E7F4-8454-4AF3-B115-F4C64F353EC8} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2017-07-21] (ASUS)
Task: {4840B913-758A-4395-9BFA-8C4BE6BA0CC0} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [2016-07-05] (Conexant Systems, Inc.)
Task: {54002611-C2A5-4E3E-BF88-458D9691B7E5} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {587F6051-59CE-4EE1-A4C1-D2FDBDBE370B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-12] (Google Inc.)
Task: {5975C12E-757B-4A08-A898-96951687B6D3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {5F5E0378-0317-4CFF-9633-DC70EF7B8D37} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-03-12] (Google Inc.)
Task: {6ECF6D19-4545-4C59-9533-E61D63763833} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {772ABAA8-473C-4346-9AFD-EACE185116EB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {9D03DC22-E453-4145-8477-E904C1DBDB3D} - \dIxshjfnsDsrepSSqPt2 -> No File <==== ATTENTION
Task: {9EADDBC2-34B6-451D-8292-19860A30FADE} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-09-22] (ASUSTek Computer Inc.)
Task: {A85191DF-DB39-4AAD-B71D-24FB8C34CDB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {B585BFC2-796B-434C-A3B0-78B20E1C051F} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-vonostransky@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {D3539BCC-8B88-4A8A-8D82-91A7E378C298} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {DCB7A607-78F5-451D-A60B-B1445BCFF56B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {E329ECE8-C065-4171-9479-D9E04D561164} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [2016-08-29] (Conexant Systems, Inc.)
Task: {E3BC4BF4-BDCB-4B81-BB79-6D7ABB2A3D6B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {EC16A11E-0EBC-4E3B-977B-3F53121B07CE} - \WlbBJSMcknvngxNxC2 -> No File <==== ATTENTION
Task: {F290F076-BC77-4CC1-8588-209E15D4F1BF} - \dTRRfHQjsHOvbdt2 -> No File <==== ATTENTION
Task: {F41771E8-2323-4385-AD92-4DF59CE222B1} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2016-11-09] (ASUSTek COMPUTER INC.)
Task: {F91F5A1F-6CE5-4F21-919E-357F418EE458} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\vonos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Google Keep – poznámky a seznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\vonos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=knipolnnllmklapflnccelgolnpehhpl
ShortcutWithArgument: C:\Users\vonos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\vonos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\vonos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\68712832bc7a55b0\Hangouts Google.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-03-12 14:29 - 2017-02-07 12:34 - 001008448 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2018-03-12 14:29 - 2017-02-07 12:34 - 000541952 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2018-03-12 14:29 - 2017-02-07 12:34 - 003243920 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2018-03-12 14:29 - 2017-02-07 12:34 - 001544568 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2018-01-26 21:31 - 2015-04-14 11:40 - 000022528 _____ () C:\WINDOWS\System32\sst7clm.dll
2016-02-15 22:01 - 2016-02-15 22:01 - 000031256 _____ () C:\WINDOWS\System32\us008lm.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-12 19:08 - 2018-03-01 11:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-03-12 19:08 - 2018-02-05 15:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-05-04 16:05 - 2014-04-14 18:59 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2018-03-06 07:17 - 2018-02-22 01:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-06 07:17 - 2018-02-22 01:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 000464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-03-12 10:07 - 2018-03-10 18:41 - 000904704 _____ () C:\WINDOWS\system32\mcicda64.dll
2018-03-12 21:01 - 2018-03-06 09:12 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.146\libglesv2.dll
2018-03-12 21:01 - 2018-03-06 09:12 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.146\libegl.dll
2018-03-09 06:17 - 2018-03-09 06:17 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.8.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 06:17 - 2018-03-09 06:17 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.8.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-16 15:23 - 2018-02-16 15:24 - 025843200 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-02-16 15:23 - 2018-02-16 15:24 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-02-16 15:23 - 2018-02-16 15:24 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-01-17 18:18 - 2018-01-17 18:18 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-01-17 18:14 - 2018-01-17 18:14 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-02-16 15:23 - 2018-02-16 15:24 - 005527040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18011.13411.0_x64__8wekyb3d8bbwe\Music.Visuals.dll
2018-02-15 11:26 - 2018-02-15 11:28 - 000516608 _____ () C:\Program Files\WindowsApps\LibertyGlobal.HorizonGoCZ_2.2.0.0_x64__gmwgfebrpy77e\ConvivaUWP.dll
2018-01-17 17:46 - 2018-01-17 17:46 - 001172480 _____ () C:\Program Files\WindowsApps\LibertyGlobal.HorizonGoCZ_2.2.0.0_x64__gmwgfebrpy77e\ADBMobile.dll
2018-02-22 17:20 - 2018-02-22 17:20 - 004371456 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1802.311.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-02-22 17:20 - 2018-02-22 17:20 - 000605696 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1802.311.0_x64__8wekyb3d8bbwe\AppsPreviewProgram.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 001937408 _____ () C:\Program Files (x86)\ASUS\Giftbox\ffmpeg.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 002177536 _____ () C:\Program Files (x86)\ASUS\Giftbox\libglesv2.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 000079360 _____ () C:\Program Files (x86)\ASUS\Giftbox\libegl.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 003561984 _____ () C:\Program Files (x86)\ASUS\Giftbox\node.dll
2017-07-03 10:51 - 2017-07-03 10:51 - 000292352 _____ () \\?\C:\Program Files (x86)\ASUS\Giftbox\node_modules\appcloud-native-utils\anu.node
2017-07-21 15:56 - 2017-07-21 15:56 - 000039424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2017-06-07 11:26 - 2017-06-07 11:26 - 000125440 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2017-06-21 11:51 - 2017-06-21 11:51 - 000029184 _____ () C:\Program Files (x86)\ASUS\Splendid\VideoEnhance.dll
2016-05-25 22:52 - 2016-05-25 22:52 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2018-03-13 06:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1190194901-555339887-805972429-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\vonos\Downloads\zasilka-WGUK5ULGBM733GSA\DSC_0278.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-1190194901-555339887-805972429-1002\...\StartupApproved\Run: => "vidnotifier.exe"
HKU\S-1-5-21-1190194901-555339887-805972429-1002\...\StartupApproved\Run: => "693352"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D31B2ED0-09F5-40AB-9FE4-9930B4B20358}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9956EB36-964C-496C-862F-58E3AE3350D4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AFF2A974-047F-4BD4-87A2-8D757F897066}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E4CD9D82-6D11-43F3-8042-4E9BD9D47AB1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{05FDAE54-266F-4960-A610-911F9F9487C3}] => (Allow) LPort=5556
FirewallRules: [{AEFF643D-F3F0-4ACD-AD3D-D6FFD414BFE5}] => (Allow) LPort=5558
FirewallRules: [{1E42BADC-938C-42E4-918A-E799657D2A71}] => (Allow) C:\Windows\twain_32\Samsung\CLX3300\SCNSearch\USDAgent.exe
FirewallRules: [{32E8445A-652D-4EA2-9153-53E24A887221}] => (Allow) C:\Windows\twain_32\Samsung\CLX3300\SCNSearch\USDAgent.exe
FirewallRules: [{258B4A97-BF12-405E-B36A-82A4CB706FF2}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe
FirewallRules: [{721BD53E-A0B9-4747-93E9-865AB1F98740}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\WebInstallAgent\SPNTInst.exe
FirewallRules: [{5469756F-EBC3-430B-8B13-5E53088B7F0F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{987063D4-A64B-4FCC-9E25-B2B2719B13CE}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{CCB78CC3-097E-4A12-8DFA-DE1D43686667}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{FEE9BE81-1AA2-4AE4-9A68-3D80BEFC408E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{C5A7C5CC-2E46-4EF6-B1D7-CB6DE1670B9D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{4409C7F3-5439-4DBF-A92E-9F63AD6D3E86}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{7E027729-5987-420B-82A4-D9FC3F70EFF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{6C537A82-E991-40E9-BADB-0E014E3C259B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{759F69D2-8086-4F5F-A71A-42798738393C}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{6F438863-5D8B-45A5-847E-87255C6DCF2D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe
FirewallRules: [{BD62E120-6D9E-436B-A33D-5FFCD654E49D}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\WebInstallAgent\SPNTInst.exe
FirewallRules: [{C4CF459E-C4E8-4C69-907B-FCB7C2483951}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{42B7B724-3FD8-4999-9BA2-D25FCD7E87DA}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{8CAF6914-DEDB-4A9B-A084-6C8AE5323405}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E8FF0338-2760-4689-B0F4-AC9A4DA0636D}] => (Allow) C:\Users\vonos\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{388B987E-7655-4049-9BF8-553E4E1F0A2E}] => (Allow) C:\Users\vonos\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7D580A62-EC51-4E09-AB0C-143443C67B9F}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [UDP Query User{2A0B0D82-E1A9-4EE8-8166-B9CB5C4A70E6}C:\program files (x86)\samsung\easy printer manager\ids.application.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\ids.application.exe
FirewallRules: [{FB37C822-9805-4079-B9B8-EFDCEB484768}] => (Allow) C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\outlook.exe
FirewallRules: [{1C31CD70-3F7D-45E1-9333-CA963526666A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{43BF9598-FD4B-452A-A632-EB9B9B89D14B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1C86AAD8-30EC-4DB0-9471-732BC08A4B27}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{42B00663-A98D-455A-A1C5-1B61C12D2580}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{84DC50AE-038B-4CD3-B713-C6A963D4F816}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\65.0.3325.40\remoting_host.exe
FirewallRules: [{4B1EEB52-1A2A-4306-BAD1-E85AFD3C7989}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{50C3837A-254F-403B-B85C-DD2A8CB0C4DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{84C375D7-2E3A-4E88-AD2B-2CF8483A4DAA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{936D4F43-BDBB-4C71-8876-C40EB11C9C66}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C1A0BF4F-F2E3-4C76-9BB7-62F25C996932}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{70915377-C2A3-4E51-BC1F-631FF58AD929}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{4A72265C-68E9-40B8-BE5D-87DE406720FA}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0EDC9B56-58D4-4D31-99A0-DC56546C6AAE}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{404496B9-2948-4079-AAC7-85FD71FEEFBB}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe
FirewallRules: [{2559DB59-DB0B-4F7D-92B8-AAEC24EBBD7A}] => (Allow) C:\Users\vonos\AppData\Local\KpEbiJz.exe
FirewallRules: [{811DCD6B-74E1-4DF4-B11F-AFA697B02FCD}] => (Allow) C:\Users\vonos\aTAQaGiwO.exe
FirewallRules: [{AB3D695C-55B9-43DF-BE38-E5D80378923A}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{01EA9A38-39B0-4C0A-8049-4F1C595D8FAF}] => (Allow) C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\FFNativeMessage.exe
FirewallRules: [{0B586EB0-B9FF-4F20-B60A-AA103CA2A52A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-02-2018 19:26:16 Installed Novabench
26-02-2018 15:32:38 Windows Update
06-03-2018 07:16:26 Windows Update
11-03-2018 21:57:51 Installed Free M4P To MP3 Converter

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2018 06:45:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1074203

Error: (03/13/2018 06:45:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1074203

Error: (03/13/2018 06:45:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/13/2018 06:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15516

Error: (03/13/2018 06:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15516

Error: (03/13/2018 06:28:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/13/2018 06:28:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14172

Error: (03/13/2018 06:28:11 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14172


System errors:
=============
Error: (03/13/2018 05:55:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2018 05:53:53 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2018 05:43:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2018 05:29:58 AM) (Source: DCOM) (EventID: 10016) (User: ASUS-UX410UA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 a APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 uživateli ASUS-UX410UA\vonos (SID: S-1-5-21-1190194901-555339887-805972429-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2018 05:28:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2018 05:28:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 a APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/13/2018 05:28:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll

Error: (03/13/2018 05:28:18 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\WINDOWS\System32\IWMSSvc.dll


Windows Defender:
===================================
Date: 2018-03-12 10:29:16.326
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {EB7E2872-2634-468B-A3CC-8D1C9F8C67CB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: ASUS-UX410UA\vonos

Date: 2018-03-12 10:28:54.000
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Název: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vonos\AppData\Local\Temp\xmrig.exe;file:_C:\Windows\Temp\tmp00007411\tmp000001f7;file:_C:\Windows\Temp\tmp00007411\tmp00000218;file:_C:\Windows\Temp\tmp00007411\tmp0000022e;file:_C:\Windows\Temp\tmp00007411\tmp00000275;file:_C:\Windows\Temp\tmp00007411\tmp0000027b;file:_C:\Windows\Temp\tmp00007411\tmp000002a6;file:_C:\Windows\Temp\tmp00007411\tmp000002a8;file:_C:\Windows\Temp\tmp00007411\tmp000002d8;file:_C:\Windows\Temp\tmp00007411\tmp000002dd;file:_C:\Windows\Temp\tmp00007411\tmp000002e7;file:_C:\Windows\Temp\tmp00007411\tmp000002fb;file:_C:\Windows\Temp\tmp00007411\tmp00000307;file:_C:\Windows\Temp\tmp00007411\tmp0000063a;file:_C:\Windows\Temp\tmp00007411\tmp00000651;file:_C:\Windows\Temp\tmp00007411\tmp0000069e;file:_C:\Windows\Temp\tmp00007411\tmp000006b0;file:_C:\Windows\Temp\tmp00007411\tmp000006ca;file:_C:\Windows\Temp\tmp00007411\tmp000006dd
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: ASUS-UX410UA\vonos
Název procesu: C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
Verze podpisu: AV: 1.263.464.0, AS: 1.263.464.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-12 10:28:53.744
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Název: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vonos\AppData\Local\Temp\xmrig.exe;file:_C:\Windows\Temp\tmp00007411\tmp000001f7;file:_C:\Windows\Temp\tmp00007411\tmp00000218;file:_C:\Windows\Temp\tmp00007411\tmp0000022e;file:_C:\Windows\Temp\tmp00007411\tmp00000275;file:_C:\Windows\Temp\tmp00007411\tmp0000027b;file:_C:\Windows\Temp\tmp00007411\tmp000002a6;file:_C:\Windows\Temp\tmp00007411\tmp000002a8;file:_C:\Windows\Temp\tmp00007411\tmp000002d8;file:_C:\Windows\Temp\tmp00007411\tmp000002dd;file:_C:\Windows\Temp\tmp00007411\tmp000002e7;file:_C:\Windows\Temp\tmp00007411\tmp000002fb;file:_C:\Windows\Temp\tmp00007411\tmp00000307;file:_C:\Windows\Temp\tmp00007411\tmp0000063a;file:_C:\Windows\Temp\tmp00007411\tmp00000651;file:_C:\Windows\Temp\tmp00007411\tmp0000069e;file:_C:\Windows\Temp\tmp00007411\tmp000006b0;file:_C:\Windows\Temp\tmp00007411\tmp000006ca
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: ASUS-UX410UA\vonos
Název procesu: C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
Verze podpisu: AV: 1.263.464.0, AS: 1.263.464.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-12 10:28:53.488
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Název: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vonos\AppData\Local\Temp\xmrig.exe;file:_C:\Windows\Temp\tmp00007411\tmp000001f7;file:_C:\Windows\Temp\tmp00007411\tmp00000218;file:_C:\Windows\Temp\tmp00007411\tmp0000022e;file:_C:\Windows\Temp\tmp00007411\tmp00000275;file:_C:\Windows\Temp\tmp00007411\tmp0000027b;file:_C:\Windows\Temp\tmp00007411\tmp000002a6;file:_C:\Windows\Temp\tmp00007411\tmp000002a8;file:_C:\Windows\Temp\tmp00007411\tmp000002d8;file:_C:\Windows\Temp\tmp00007411\tmp000002dd;file:_C:\Windows\Temp\tmp00007411\tmp000002e7;file:_C:\Windows\Temp\tmp00007411\tmp000002fb;file:_C:\Windows\Temp\tmp00007411\tmp00000307;file:_C:\Windows\Temp\tmp00007411\tmp0000063a;file:_C:\Windows\Temp\tmp00007411\tmp00000651;file:_C:\Windows\Temp\tmp00007411\tmp0000069e;file:_C:\Windows\Temp\tmp00007411\tmp000006b0
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: ASUS-UX410UA\vonos
Název procesu: C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
Verze podpisu: AV: 1.263.464.0, AS: 1.263.464.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-12 10:28:52.800
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Název: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vonos\AppData\Local\Temp\xmrig.exe;file:_C:\Windows\Temp\tmp00007411\tmp000001f7;file:_C:\Windows\Temp\tmp00007411\tmp00000218;file:_C:\Windows\Temp\tmp00007411\tmp0000022e;file:_C:\Windows\Temp\tmp00007411\tmp00000275;file:_C:\Windows\Temp\tmp00007411\tmp0000027b;file:_C:\Windows\Temp\tmp00007411\tmp000002a6;file:_C:\Windows\Temp\tmp00007411\tmp000002a8;file:_C:\Windows\Temp\tmp00007411\tmp000002d8;file:_C:\Windows\Temp\tmp00007411\tmp000002dd;file:_C:\Windows\Temp\tmp00007411\tmp000002e7;file:_C:\Windows\Temp\tmp00007411\tmp000002fb;file:_C:\Windows\Temp\tmp00007411\tmp00000307;file:_C:\Windows\Temp\tmp00007411\tmp0000063a;file:_C:\Windows\Temp\tmp00007411\tmp00000651;file:_C:\Windows\Temp\tmp00007411\tmp0000069e
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: ASUS-UX410UA\vonos
Název procesu: C:\Program Files\Bitdefender Antivirus Free\vsserv.exe
Verze podpisu: AV: 1.263.464.0, AS: 1.263.464.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-03-12 10:28:53.184
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zaznamenalo kritickou chybu při provádění akce u malwaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Skeeyah.A!rfn&threatid=2147694182&enterprise=0
Název: Trojan:Win32/Skeeyah.A!rfn
ID: 2147694182
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\vonos\AppData\Local\Temp\xmrig.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\Script\912955.exe
Akce: Karanténa
Stav akce:  No additional actions required
Kód chyby: 0x80070005
Popis chyby: Přístup byl odepřen. 
Verze podpisu: AV: 1.263.464.0, AS: 1.263.464.0, NIS: 118.5.0.0
Verze modulu: AM: 1.1.14600.4, NIS: 2.1.14202.0

Date: 2018-01-29 05:43:09.939
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.417.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee2
Popis chyby :Operace nebyla v požadované době dokončena. 

Date: 2018-01-29 05:43:09.938
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.417.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee2
Popis chyby :Operace nebyla v požadované době dokončena. 

Date: 2018-01-29 05:43:09.938
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.261.417.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.14500.5
Kód chyby: 0x80072ee2
Popis chyby :Operace nebyla v požadované době dokončena. 

Date: 2018-01-24 19:47:26.598
Description: 
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Windows Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.  
Důvod: Antimalwarová ochrana přestala z neznámých důvodů fungovat. V některých případech lze tento problém vyřešit restartováním služby.

CodeIntegrity:
===================================

Date: 2018-03-13 05:56:34.030
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:56:34.029
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:35:47.263
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:35:47.256
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:35:34.525
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:35:34.523
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:35:31.144
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-13 05:35:31.129
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 61%
Total physical RAM: 8072.61 MB
Available physical RAM: 3096.95 MB
Total Virtual: 16264.61 MB
Available Virtual: 10116.39 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.89 GB) (Free:175.82 GB) NTFS

\\?\Volume{bdcf007b-1249-49af-9190-c8a81658a543}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{4123529b-0443-45fa-91f1-68655c3752d3}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 1806DD42)

Partition: GPT.

==================== End of Addition.txt ============================